geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevan Miller (JIRA)" <j...@apache.org>
Subject [jira] Created: (GERONIMO-5243) /activemq-console does not require admin authentication
Date Thu, 08 Apr 2010 02:46:36 GMT
/activemq-console does not require admin authentication
-------------------------------------------------------

                 Key: GERONIMO-5243
                 URL: https://issues.apache.org/jira/browse/GERONIMO-5243
             Project: Geronimo
          Issue Type: Bug
      Security Level: public (Regular issues)
            Reporter: Kevan Miller
            Priority: Blocker
             Fix For: 2.2.1, 3.0


On branches/2.2 I'm able to access http://localhost:8080/activemq-console without authentication.
Since I'm able to inspect Destinations, delete Destinations, etc. , this is not a good thing.
We need to secure with geronimo-admin realm, just like the admin console.

I haven't tested on trunk, but am guessing this is a problem, there also. activemq-console
was not shipped in 2.1.0. So, it's not a problem there.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message