[
https://issues.apache.org/jira/browse/QPID-4292?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Keith Wall updated QPID-4292:
-----------------------------
Assignee: Keith Wall (was: Robbie Gemmell)
Status: Open (was: Ready To Review)
We should standardise on the SC_FORBIDDEN response code and avoid the stack
trace being printed to the log.
{code}
2012-09-11 16:20:32,150 WARN [qtp404150953-56] (RestServlet.java:475) - Caught
exception
java.security.AccessControlException: Do not have permission to create new
group
at
org.apache.qpid.server.model.adapter.GroupProviderAdapter.createChild(GroupProviderAdapter.java:197)
at
org.apache.qpid.server.management.plugin.servlet.rest.RestServlet.doPutWithSubjectAndActor(RestServlet.java:436)
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$3.run(AbstractServlet.java:143)
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$3.run(AbstractServlet.java:139)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:396)
{code}
> add ACL rule to authorise access to the web management UI
> ---------------------------------------------------------
>
> Key: QPID-4292
> URL: https://issues.apache.org/jira/browse/QPID-4292
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Reporter: Keith Wall
> Assignee: Keith Wall
> Fix For: 0.19
>
>
> Extend the ACLs rules to allow users to be denied access to the two
> management UIs (JMX and Web).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
