[
https://issues.apache.org/jira/browse/QPID-3999?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alex Rudyy updated QPID-3999:
-----------------------------
Attachment: 0001-QPID-3999-Add-servlet-filter-to-set-request-credenti.patch
Attached a patch adding RequestHeaderPreAuthenticatedCredentialsFilter into
broker-web to allow set principal/subject from the specified request header.
This filter can be used to set request credentials with Single Sign-On systems
like Siteminder SS0.
Possibly, the better place for the filter could be inside of management plugin,
so, it could be used with stand-alone brokers. However, I am not sure about it
as the filter adds the potential security hole into the web console. That's why
this functionality is implemented as a filter instead of adding the code
directly into AbstractServlet.
> [Java Broker] Implement Web based management tool for the Java Broker
> ---------------------------------------------------------------------
>
> Key: QPID-3999
> URL: https://issues.apache.org/jira/browse/QPID-3999
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Rob Godfrey
> Fix For: 0.17
>
> Attachments:
> 0001-QPID-3999-Add-authorization-checks-for-message-copy-.patch,
> 0001-QPID-3999-Add-default-constructors-to-servlets-make-.patch,
> 0001-QPID-3999-Add-java-broker-web-module-to-package-brok.patch,
> 0001-QPID-3999-Add-servlet-filter-to-set-request-credenti.patch,
> 0001-QPID-3999-Use-anonymous-subject-for-non-authenticate.patch
>
>
> Implement a web front end which uses the RESTful HTTP management API
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
