Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-11678

Protect the Tooling Support Install servlet

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Tooling
    • None

    Description

      Currently the endpoint provided by Tooling Support Endpoint doesn't require authentication so every anonymous user can install arbitrary bundles.
      I would suggest to migrate the endpoint to a web console plugin to benefit from its built in authentication.

      Attachments

        Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. SLING-3019 Provide a mechanism to install a bundle based on a directory

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. SLING-11693 Remove the jar installation feature from the Tooling Support Install bundle

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              kwin Konrad Windszus
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated: