Alex Rudyy created QPID-7416:
--------------------------------
Summary: [Java Broker] Modification of secure attributes and
creation of configured objects with specifying secure attributes should not be
permitted by default on insecure connections
Key: QPID-7416
URL: https://issues.apache.org/jira/browse/QPID-7416
Project: Qpid
Issue Type: Improvement
Components: Java Broker
Reporter: Alex Rudyy
With changes in QPID-7380 the REST layer prevents performing of secure
operations (both modifying and non-modifying) on insecure connections. It seems
that modification of secure attributes and creation of configured object with
secure attributes should not be allowed by default on insecure connections as
well, in order to avoid interception of such sensitive data as passwords,
private keys, etc.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
