brooklyn-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From henev...@apache.org
Subject [05/23] brooklyn-server git commit: Don't bind to 127.0.0.1 only when using AnyoneSecurityProvider
Date Fri, 13 May 2016 09:05:15 GMT
Don't bind to 127.0.0.1 only when using AnyoneSecurityProvider

Keeps backwards compatibility - using AnyoneSecurityProvider wouldn't force brooklyn server
to bind to loopback only, but then changed to being treated same as noSecurityProvider. Revert
to initial behaviour.


Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/64bb70d2
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/64bb70d2
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/64bb70d2

Branch: refs/heads/master
Commit: 64bb70d2946841428e882d681aaa3cf8b8b31045
Parents: 9720743
Author: Svetoslav Neykov <svetoslav.neykov@cloudsoftcorp.com>
Authored: Tue Apr 5 17:38:34 2016 +0300
Committer: Svetoslav Neykov <svetoslav.neykov@cloudsoftcorp.com>
Committed: Fri Apr 8 10:03:26 2016 +0300

----------------------------------------------------------------------
 .../brooklyn/launcher/BrooklynLauncher.java       | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/64bb70d2/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynLauncher.java
----------------------------------------------------------------------
diff --git a/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynLauncher.java b/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynLauncher.java
index 62fd7ee..be35e60 100644
--- a/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynLauncher.java
+++ b/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynLauncher.java
@@ -266,17 +266,13 @@ public class BrooklynLauncher extends BasicLauncher<BrooklynLauncher>
{
         ManagementContext managementContext = getManagementContext();
         BrooklynProperties brooklynProperties = (BrooklynProperties) managementContext.getConfig();
 
+        String securityProvider = managementContext.getConfig().getConfig(BrooklynWebConfig.SECURITY_PROVIDER_CLASSNAME);
+        // The security provider will let anyone in, but still require a password to be entered.
+        // Skip password request dialog if we know the provider will let users through.
+        boolean anyoneSecurityProvider = AnyoneSecurityProvider.class.getName().equals(securityProvider);
+
         // No security options in properties and no command line options overriding.
-        Boolean skipSecurity = skipSecurityFilter;
-        if (skipSecurity == null) {
-            String securityProvider = managementContext.getConfig().getConfig(BrooklynWebConfig.SECURITY_PROVIDER_CLASSNAME);
-            // The security provider will let anyone in, but still require a password to
be entered.
-            // Skip password request dialog if we know the provider will let users through.
-            if (AnyoneSecurityProvider.class.getName().equals(securityProvider)) {
-                skipSecurity = true;
-            }
-        }
-        if (Boolean.TRUE.equals(skipSecurity) && bindAddress==null) {
+        if (Boolean.TRUE.equals(skipSecurityFilter) && bindAddress==null) {
             LOG.info("Starting Brooklyn web-console on loopback because security is explicitly
disabled and no bind address specified");
             bindAddress = Networking.LOOPBACK;
         } else if (BrooklynWebConfig.hasNoSecurityOptions(managementContext.getConfig()))
{
@@ -310,7 +306,7 @@ public class BrooklynLauncher extends BasicLauncher<BrooklynLauncher>
{
             if (useHttps!=null) webServer.setHttpsEnabled(useHttps);
             webServer.setShutdownHandler(shutdownHandler);
             webServer.putAttributes(brooklynProperties);
-            webServer.skipSecurity(Boolean.TRUE.equals(skipSecurity));
+            webServer.skipSecurity(Boolean.TRUE.equals(skipSecurityFilter) || anyoneSecurityProvider);
             for (WebAppContextProvider webapp : webApps) {
                 webServer.addWar(webapp);
             }


Mime
View raw message