Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 353538

Summary: Add http authentication capapbility to admin ui
Product: z_Archived Reporter: Mike Tschierschke <mike.tschierschke>
Component: gyrexAssignee: Mike Tschierschke <mike.tschierschke>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P3 CC: andreas.mihm, cvgaviao, gunnar
Version: unspecified   
Target Milestone: ---   
Hardware: All   
OS: All   
Whiteboard:

Description Mike Tschierschke CLA 2011-08-02 03:09:34 EDT 
We need a simple and optional possibility to restrict the access to the rap based admin ui. As discussed it should be simple http basic authentication without any role and user management for the moment.

To be independent from a running zookeeper we'll protect each node in the cloud individually.
Comment 1 Gunnar Wagenknecht CLA 2011-08-02 03:28:34 EDT 
I think it's sufficient for now to just use system properties and configure the Jetty. 

-Dgyrex.admin.secure=true
-Dgyrex.admin.auth=BASIC/admin/hash

In the future it might be desirable to delegate user management to an LDAP system, etc.
Comment 2 Mike Tschierschke CLA 2011-08-02 04:07:32 EDT 
fixed as disussed
Comment 3 Cristiano Gaviao CLA 2012-01-28 11:18:46 EST 
I suggest you to take a look on shiro.
Comment 4 Gunnar Wagenknecht CLA 2013-03-04 08:04:07 EST 
*** Bug 402273 has been marked as a duplicate of this bug. ***