Project

General

Profile

Bug #1698

Secure replication method

Added by Jing Tao about 16 years ago. Updated about 15 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
metacat
Target version:
Start date:
09/23/2004
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:
1698

Description

Curently, unsecured metacat replication action is easy to break the replication
setup. But it couldn't create a new replication without adding certification to
metacat java lib.

Actions in MetacatReplication class, such as "start", "stop" and "servercontrol"
et al, need be secured. We may use the approach in "buildindex" action in
MetaCatServelet class, it only allow administrator can operate this action.

History

#1 Updated by Jing Tao about 15 years ago

Add code to get user name and group in MetacatReplication class. Then check if
the user name is a admin when action is one of start, stop, getAll and
servercontrol. So now only admin user can change those parameters.

#2 Updated by Matt Jones about 15 years ago

Changing milestone to reflect its actual release in 1.6

#3 Updated by Redmine Admin over 7 years ago

Original Bugzilla ID was 1698

Also available in: Atom PDF