[
https://issues.apache.org/jira/browse/OFBIZ-2074?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-2074:
-----------------------------------
Attachment: requesthandler.patch
New version (2008-12-13 : 2d) easier for testing.
I also managed a "block" response, so no conflict with a possible existing
error response (could be the same view than the one we want to protect). The
default view (none - ie blanck screen - if not defined) is shown is no "block"
response is defined.
> Grey list feature for confidential data access
> ----------------------------------------------
>
> Key: OFBIZ-2074
> URL: https://issues.apache.org/jira/browse/OFBIZ-2074
> Project: OFBiz
> Issue Type: New Feature
> Components: ALL COMPONENTS
> Affects Versions: SVN trunk
> Environment: NA
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Minor
> Attachments: requesthandler.patch, requesthandler.patch,
> requesthandler.patch, requesthandler.patch, requesthandler.patch
>
> Original Estimate: 20h
> Remaining Estimate: 20h
>
> The goal is to avoid, as much as possible, confidential data leakage.
> This feature will disallow access for a period of time to a view if this view
> is accessed more than a number of time in a period of time. This will prevent
> confidential data thievery done from a compromised login/pwd couple.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
