Aaron Gresch created STORM-3251:
-----------------------------------
Summary: Using Logviewer Filter settings causes anyone to access
logs via log viewer REST API
Key: STORM-3251
URL: https://issues.apache.org/jira/browse/STORM-3251
Project: Apache Storm
Issue Type: Bug
Reporter: Aaron Gresch
Assignee: Aaron Gresch
The rest API for logviewer access is checking if UI filter params is set to
deny access to users. It's possible now to configure the logviewer without UI
filter params, so this check is no longer sufficient and can allow anyone
access to logs.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
