D (and possibly B)

In the case of B - instead of commenting it out - wrap a filter around it that has a default behavior of not being enabled.

So it would look like this:
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;

public class TextInterfaceFilter implements Filter {
  // Disabled by default; enabled only with -Dmanager.allowTextInterface=Y at startup
  private boolean allowTextInterface = false;
  public void init(FilterConfig config) {
    String s = System.getProperty("manager.allowTextInterface");
    allowTextInterface = "Y".equals(s);
  }
  public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
      throws IOException, ServletException {
    if (allowTextInterface) {
      chain.doFilter(req, resp);   // text interface explicitly enabled: pass through
    } else {
      ((HttpServletResponse) resp).sendError(HttpServletResponse.SC_FORBIDDEN);   // 403 by default
    }
  }
  public void destroy() {}
}

The advantage of a system property is that admins don't need to change web.xml. They only need to add a system property on startup, which is something all admins need to do anyway due to GC flags etc. Then for those in the know - they can always rip out the filter from web.xml (which is D anyway).


-Tim

On 5/7/2010 1:50 PM, Mark Thomas wrote:
I'm trying to decide the best way to back-port the configuration of this
to the (Host) Manager app in Tomcat 5 & 6.

The requirements are:
- not to break anything that currently works
- enable CSRF for the HTML interface
- the same user cannot have access to the HTML and text interfaces for
the filter to be effective.

I can't see a way to meet all of these.

The options I am considering are:
A: change the role required to access the text interface to manager-text
- consistent with Tomcat 7
- will break tools currently using the manager role

B: comment out the mapping for the text interface
- will break tools currently using the text interface

C: change the role required to access the HTML interface
- not consistent with Tomcat 7
- will break user access to the Manager GUI

D: Don't enable the filter by default but provide instructions on what
to do if you do want to enable it in the docs. Something along the lines
of:
- uncomment the Filter and filter mapping
- change the role used for the text and jmx interfaces (to match the new
names in Tomcat 7)
