brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sjcorbett <...@git.apache.org>
Subject [GitHub] incubator-brooklyn pull request: Brooklyn 51
Date Mon, 08 Sep 2014 16:52:39 GMT
GitHub user sjcorbett opened a pull request:

    https://github.com/apache/incubator-brooklyn/pull/154

    Brooklyn 51 

    If no security properties are set and `--noConsoleSecurity` is not set then `BrooklynLauncher`
configures the server to accept unsecured connections from `127.0.0.1` and secured external
connections that are authenticated with the user `brooklyn` and a randomly generated password
that is logged once. 
    
    The new security filter checks the remote address of the request. I'm assuming that this
can't be spoofed.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/sjcorbett/incubator-brooklyn brooklyn-51-remote-access

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-brooklyn/pull/154.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #154
    
----
commit ded72870f156f0459ef9be1768c224ad92fcb3d2
Author: Sam Corbett <sam.corbett@cloudsoftcorp.com>
Date:   2014-09-08T15:58:04Z

    Adds AbstractSecurityProvider
    
    Simplifies ExplicitUsersSecurityProvider and LdapSecurityProvider

commit b7a5ea7a59b9dd7626693d695a221fb6bce72b1f
Author: Sam Corbett <sam.corbett@cloudsoftcorp.com>
Date:   2014-09-08T16:41:09Z

    BROOKLYN-51: Brooklyn allows passworded remote access when no security configured
    
    Adds BrooklynUserWithRandomPasswordSecurityProvider. Password is logged
    once at info.

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message