Project

General

Profile

Bug #1698

Secure replication method

Added by Jing Tao over 17 years ago. Updated over 16 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
metacat
Target version:
Start date:
09/23/2004
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:
1698

Description

Curently, unsecured metacat replication action is easy to break the replication
setup. But it couldn't create a new replication without adding certification to
metacat java lib.

Actions in MetacatReplication class, such as "start", "stop" and "servercontrol"
et al, need be secured. We may use the approach in "buildindex" action in
MetaCatServelet class, it only allow administrator can operate this action.

History

#1 Updated by Jing Tao over 16 years ago

Add code to get user name and group in MetacatReplication class. Then check if
the user name is a admin when action is one of start, stop, getAll and
servercontrol. So now only admin user can change those parameters.

#2 Updated by Matt Jones over 16 years ago

Changing milestone to reflect its actual release in 1.6

#3 Updated by Redmine Admin almost 9 years ago

Original Bugzilla ID was 1698

Also available in: Atom PDF