cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-7958) Limit user login to specific subnets
Date Fri, 14 Apr 2017 15:30:42 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-7958?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15969150#comment-15969150
] 

ASF GitHub Bot commented on CLOUDSTACK-7958:
--------------------------------------------

Github user wido commented on a diff in the pull request:

    https://github.com/apache/cloudstack/pull/2046#discussion_r111589567
  
    --- Diff: core/src/com/cloud/network/HAProxyConfigurator.java ---
    @@ -538,7 +536,7 @@ private String getLbSubRuleForStickiness(final LoadBalancerTO lbTO)
{
             if (stickinessSubRule != null && !destsAvailable) {
                 s_logger.warn("Haproxy stickiness policy for lb rule: " + lbTO.getSrcIp()
+ ":" + lbTO.getSrcPort() + ": Not Applied, cause:  backends are unavailable");
             }
    -        if (publicPort.equals(NetUtils.HTTP_PORT) && !keepAliveEnabled || httpbasedStickiness)
{
    +        if (publicPort == NetUtils.HTTP_PORT && !keepAliveEnabled || httpbasedStickiness)
{
    --- End diff --
    
    It is a port number so it should be a Int. It's a part of the NetUtils refactor. I found
that only HTTP/HTTPS port were Strings.
    
    I wanted to make the change in other files as small as possible.


> Limit user login to specific subnets
> ------------------------------------
>
>                 Key: CLOUDSTACK-7958
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-7958
>             Project: CloudStack
>          Issue Type: New Feature
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: API, Management Server
>    Affects Versions: Future
>            Reporter: Wido den Hollander
>            Assignee: Wido den Hollander
>            Priority: Minor
>             Fix For: Future
>
>
> When exposing the API there is a potential danger that a user gets his hands on a account
with Admin privileges and does bad things to a cloud.
> It would be a useful feature if we could limit certain accounts/users to specific subnets.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message