qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Rudyy (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-4858) [Java Broker] HTTP management ports configured with 'HTTP' protocol and 'SSL' transport options will silently fail to use SSL
Date Fri, 17 May 2013 15:39:15 GMT

    [ https://issues.apache.org/jira/browse/QPID-4858?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13660796#comment-13660796
] 

Alex Rudyy commented on QPID-4858:
----------------------------------

Fix is committed into trunk under revision: http://svn.apache.org/r1483866
                
> [Java Broker] HTTP management ports configured with 'HTTP' protocol and 'SSL' transport
options will silently fail to use SSL
> -----------------------------------------------------------------------------------------------------------------------------
>
>                 Key: QPID-4858
>                 URL: https://issues.apache.org/jira/browse/QPID-4858
>             Project: Qpid
>          Issue Type: Bug
>          Components: Java Broker
>    Affects Versions: 0.21
>            Reporter: Robbie Gemmell
>            Assignee: Robbie Gemmell
>            Priority: Blocker
>             Fix For: 0.22
>
>
> HTTP management ports configured with 'HTTP' protocol and 'SSL' transport options will
silently fail to use SSL at all.
> Since the changes made in the 0.21/0.22 development cycle for QPID-4390 and related JIRAs
to enable management of the broker entirely through the HTTP management interfaces, it has
become possible to configure HTTP management ports in a way that suggests SSL is in use when
it is in fact not.
> Fix:
> Remove the HTTPS protocol option leaving only HTTP, and making all ports consistent in
using the SSL transport value to indicate their use of SSL.
> Additional Background:
> When the HTTP management plugin was added previously, it advertised HTTPS and HTTP as
different protocol options, despite us using the transport option (TCP or SSL) alone to signal
use of SSL for all other protocol types (AMQP and JMX/RMI). The influence over whether SSL
was used for the port or not was simply a boolean in the brokers XML configuration file to
indicate HTTPS. With the configuration model changes from QPID-4390 etc, ports now have a
more specific configuration that is dependent on both the specified protocols and transports
to determine what to do but the HTTP management plugin is still only using HTTPS protocol
value to indicate that it should use SSL and is ignoring the SSL transport value, however
the REST interface and management UI allow this configuration and do not make it in any way
clear that SSL is in fact not being used.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message