geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Donald Woods (JIRA)" <...@geronimo.apache.org>
Subject [jira] Created: (GERONIMO-1489) Minor fixes/updates to jUDDI webapp and Tomcat config
Date Tue, 17 Jan 2006 18:01:41 GMT
Minor fixes/updates to jUDDI webapp and Tomcat config
-----------------------------------------------------

         Key: GERONIMO-1489
         URL: http://issues.apache.org/jira/browse/GERONIMO-1489
     Project: Geronimo
        Type: Bug
  Components: sample apps, security  
    Versions: 1.0    
 Environment: AG 1.0 on WinXP w/ Sun JDK 1.4.2_08
    Reporter: Donald Woods
 Assigned to: Donald Woods 
    Priority: Minor
     Fix For: 1.0.1, 1.1


When user accesses the console displayed webapp location of jUDDI at -
   http://localhost:8080/juddi
Part 1 - they are presented with a directory listing with happyjuddi.jsp in it instead of
the JSP automatically loading.
Part 2 - when they click on the JSP, the page loads and shows system properties, which should
not be displayed as any user has access to this JSP and some of the information could be used
to try and hack into the system (like username and OS info)
Part 3 - the uddi-tomcat configuration creates a uddi-jetty directory in the config store
instead of the expected uddi-tomcat
3 separate patches will be attached for the above using the latest 1.0 branch code.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message