A web.xml has been added to /pki web application to require SSL connection to access the PKI UI main page at /pki/ui.
https://fedorahosted.org/pki/ticket/2582 Pushed to master under trivial rule. -- Endi S. Dewata
>From 72b24a41691cc87068ff156100a0865c794038df Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <edew...@redhat.com> Date: Tue, 21 Feb 2017 22:02:22 +0100 Subject: [PATCH] Secured PKI UI main page. A web.xml has been added to /pki web application to require SSL connection to access the PKI UI main page at /pki/ui. https://fedorahosted.org/pki/ticket/2582 --- base/server/share/webapps/pki/WEB-INF/web.xml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 base/server/share/webapps/pki/WEB-INF/web.xml diff --git a/base/server/share/webapps/pki/WEB-INF/web.xml b/base/server/share/webapps/pki/WEB-INF/web.xml new file mode 100644 index 0000000000000000000000000000000000000000..9afb41825ed80bbd7c59acc8bdbdfe3edeb16f12 --- /dev/null +++ b/base/server/share/webapps/pki/WEB-INF/web.xml @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE web-app + PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "file:///usr/share/pki/setup/web-app_2_3.dtd"> +<web-app> + + <display-name>PKI</display-name> + + <security-constraint> + <web-resource-collection> + <web-resource-name>PKI UI</web-resource-name> + <url-pattern>/ui/*</url-pattern> + </web-resource-collection> + <user-data-constraint> + <transport-guarantee>CONFIDENTIAL</transport-guarantee> + </user-data-constraint> + </security-constraint> + + <session-config> + <session-timeout>30</session-timeout> + </session-config> + +</web-app> -- 2.9.3
_______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel