[QPID-8578] [Broker-J] ACL firewall predicates should be applied to HTTP(S) connections - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Implemented
Affects Version/s: qpid-java-broker-8.0.6
Fix Version/s: qpid-java-broker-9.0.0
Component/s: Broker-J
Labels:
None

Description

When configuring an ACL rule with the firewall predicate, e.g.

ACL ALLOW-LOG admin ALL ALL from_hostname="192.169.1.1,192.169.1.2"

or

ACL ALLOW-LOG admin ALL ALL from_network="192.169.1.*"

they are currently intended to use along with the ACCESS VIRTUALHOST rule to apply firewall restrictions for the messaging client.

Firewall predicates should be applied to HTTP(S) connections as well, restricting access from undesirable hosts or networks.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Daniil Kirilyuk

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 25/Feb/22 08:39

Updated:: 11/Nov/22 12:23

Resolved:: 27/Oct/22 08:23