Details
Description
The default security constraint defined in conf/jetty.xml secure the WebConsole.
However, it would make sense to secure all resources, including Jolokia and REST API.
The security constraint should be updated to:
<bean id="securityConstraintMapping" class="org.eclipse.jetty.security.ConstraintMapping"> <property name="constraint" ref="securityConstraint" /> <property name="pathSpec" value="/" /> </bean>
Attachments
Issue Links
- duplicates
-
AMQ-9476 Jetty config has invalid constraint mapping
- Resolved