geronimo-dev mailing list archives

From "Kevan Miller (JIRA)" <>
Subject [jira] Created: (GERONIMO-1394) JMX Debug Console should require admin-level authentication
Date Mon, 19 Dec 2005 22:10:30 GMT
JMX Debug Console should require admin-level authentication

         Key: GERONIMO-1394
     Project: Geronimo
        Type: Bug
  Components: management  
    Versions: 1.0    
 Environment: 1.0 RC
    Reporter: Kevan Miller
     Fix For: 1.1

The debug console does not require user authentication. Since MBean attributes can provide
configuration and security information about a server that should not be public knowledge,
by default, the debug console should require admin-level authentication. 

I didn't see anything too sensitive in my sampling of MBean attributes... Whoops, I spoke
too soon. Here are the attributes for the DirectoryService (note the credentials attribute)...

ObjectName:   	 geronimo.server:name=DirectoryService
State: 	running
Name 	Value
anonymousAccess 	true
configFile 	(null)
enableNetworking 	true
port 	1389
providerURL 	ou=system
securityAuthentication 	simple
securityCredentials 	secret
securityPrincipal 	uid=admin,ou=system
workingDir 	(null)

There's been talk of incorporating debug console into the admin console -- which I would support
and would presumably address the problem... However, in the meantime, we may want/need to
nail down the current debug console...

This message is automatically generated by JIRA.
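
The control the report asks for, sketched as a standard Servlet 2.4 `web.xml` security constraint; this is an added example, not part of the original message and not Geronimo's actual debug console descriptor. A web application with no such constraint serves every page to unauthenticated clients, which is the state described above. The role name `admin`, the realm name `example-admin-realm` and the `/*` pattern are assumptions, and the mapping of the role to real principals is done in the container's own deployment plan, which is not shown.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example: generic Servlet 2.4 descriptor, not the project's own file. -->
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
                             http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
         version="2.4">

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>debug-console</web-resource-name>
      <!-- Protect every page of the console, including the MBean attribute views. -->
      <!-- No <http-method> elements are listed, so the constraint applies to all
           HTTP methods rather than only the ones someone remembered to name. -->
      <url-pattern>/*</url-pattern>
    </web-resource-collection>

    <!-- Only callers in the admin role (assumed name) may reach the console. -->
    <auth-constraint>
      <role-name>admin</role-name>
    </auth-constraint>

    <!-- BASIC credentials and the attribute values returned by the console
         should not cross the network in the clear. -->
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <login-config>
    <auth-method>BASIC</auth-method>
    <!-- Placeholder realm name; use the realm that holds the server's admin users. -->
    <realm-name>example-admin-realm</realm-name>
  </login-config>

  <!-- Every role referenced in an auth-constraint must be declared. -->
  <security-role>
    <role-name>admin</role-name>
  </security-role>
</web-app>
```

After deploying a descriptor like this, an unauthenticated request to any console URL should get a 401 challenge (or a redirect to HTTPS first) instead of the attribute table.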