glassfish
  1. glassfish
  2. GLASSFISH-16438

Ensure that admin traffic from other servers is in fact from the same domain

    Details

    • Type: New Feature New Feature
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.1.1_b10
    • Component/s: admin
    • Labels:
      None

      Description

      Some users assign a single cert to a host, using the same cert for client SSL authentication in different GlassFish domains. This RFE would make sure that even in such an environment a server can verify that an incoming admin request from another server is from the recipient's domain and not from some other domain.

        Issue Links

          Activity

          Hide
          Tim Quinn added a comment -

          Adding info for 3.1.1 consideration:

          Why fix this issue in 3.1.1?
          Improve shortcomings in 3.1 implementation (as requested by customer)

          customer's set-up does not allow us to distinguish among multiple domains running on the same server using only the cert

          Which is the targeted build of 3.1.1 for this fix?
          b10

          Do regression tests exist for this issue?
          planned

          Which tests should QA (re)run to verify the fix did not destabilize GlassFish?
          secure admin related tests (enable secure admin, restart, deploy and access, etc.)

          Show
          Tim Quinn added a comment - Adding info for 3.1.1 consideration: Why fix this issue in 3.1.1? Improve shortcomings in 3.1 implementation (as requested by customer) customer's set-up does not allow us to distinguish among multiple domains running on the same server using only the cert Which is the targeted build of 3.1.1 for this fix? b10 Do regression tests exist for this issue? planned Which tests should QA (re)run to verify the fix did not destabilize GlassFish? secure admin related tests (enable secure admin, restart, deploy and access, etc.)
          Hide
          scatari added a comment -

          Approved for 3.1.1.
          Please provide more clarity on the tests required to verify/complete this fix without causing any regressions.

          Show
          scatari added a comment - Approved for 3.1.1. Please provide more clarity on the tests required to verify/complete this fix without causing any regressions.
          Hide
          Tim Quinn added a comment -

          Fix checked in for 3.1.1:

          Project: glassfish
          Repository: svn
          Revision: 47742
          Author: tjquinn
          Date: 2011-06-28 15:23:07 UTC
          Link:

          Log Message:
          ------------
          Check-ins for 16437, 16438, 16545

          These changes enhance secure admin so that users can

          1. enable multiple certificates as authorized for admin operations
          2. have GlassFish processes authenticate to each other using an admin username and password instead of certificates
          3. stronger checking that admin messages from other GlassFish processes are from servers in the same domain.

          Approved: Sathyan
          Tests: QL, deployment single-instance and cluster devtests

          Revisions:
          ----------
          47742

          Modified Paths:
          ---------------
          branches/3.1.1/admin/util/src/main/java/com/sun/enterprise/admin/remote/ServerRemoteAdminCommand.java
          branches/3.1.1/common/container-common/src/main/java/com/sun/enterprise/container/common/GenericAdminAuthenticator.java
          branches/3.1.1/core/kernel/src/main/java/com/sun/enterprise/v3/admin/AdminAdapter.java
          branches/3.1.1/security/core/src/main/java/com/sun/enterprise/security/admin/cli/EnableSecureAdminCommand.java
          branches/3.1.1/admin/config-api/src/main/java/com/sun/enterprise/config/serverbeans/SecureAdminPrincipal.java
          branches/3.1.1/security/core/src/main/java/com/sun/enterprise/security/admin/cli/DisableSecureAdminCommand.java
          branches/3.1.1/admin/config-api/src/main/java/com/sun/enterprise/config/serverbeans/LocalStrings.properties
          branches/3.1.1/common/container-common/src/main/java/com/sun/enterprise/container/common/LocalStrings.properties
          branches/3.1.1/security/core/src/main/java/com/sun/enterprise/security/admin/cli/SecureAdminCommand.java
          branches/3.1.1/admin/config-api/src/main/java/com/sun/enterprise/config/serverbeans/SecureAdmin.java
          branches/3.1.1/admin/util/src/main/java/com/sun/enterprise/admin/remote/RemoteAdminCommand.java

          Added Paths:
          ------------
          branches/3.1.1/security/core/src/main/java/com/sun/enterprise/security/admin/cli/SecureAdminHelperImpl.java
          branches/3.1.1/admin/config-api/src/main/java/com/sun/enterprise/config/serverbeans/SecureAdminInternalUser.java
          branches/3.1.1/admin/config-api/src/main/java/com/sun/enterprise/config/serverbeans/SecureAdminHelper.java

          Show
          Tim Quinn added a comment - Fix checked in for 3.1.1: Project: glassfish Repository: svn Revision: 47742 Author: tjquinn Date: 2011-06-28 15:23:07 UTC Link: Log Message: ------------ Check-ins for 16437, 16438, 16545 These changes enhance secure admin so that users can 1. enable multiple certificates as authorized for admin operations 2. have GlassFish processes authenticate to each other using an admin username and password instead of certificates 3. stronger checking that admin messages from other GlassFish processes are from servers in the same domain. Approved: Sathyan Tests: QL, deployment single-instance and cluster devtests Revisions: ---------- 47742 Modified Paths: --------------- branches/3.1.1/admin/util/src/main/java/com/sun/enterprise/admin/remote/ServerRemoteAdminCommand.java branches/3.1.1/common/container-common/src/main/java/com/sun/enterprise/container/common/GenericAdminAuthenticator.java branches/3.1.1/core/kernel/src/main/java/com/sun/enterprise/v3/admin/AdminAdapter.java branches/3.1.1/security/core/src/main/java/com/sun/enterprise/security/admin/cli/EnableSecureAdminCommand.java branches/3.1.1/admin/config-api/src/main/java/com/sun/enterprise/config/serverbeans/SecureAdminPrincipal.java branches/3.1.1/security/core/src/main/java/com/sun/enterprise/security/admin/cli/DisableSecureAdminCommand.java branches/3.1.1/admin/config-api/src/main/java/com/sun/enterprise/config/serverbeans/LocalStrings.properties branches/3.1.1/common/container-common/src/main/java/com/sun/enterprise/container/common/LocalStrings.properties branches/3.1.1/security/core/src/main/java/com/sun/enterprise/security/admin/cli/SecureAdminCommand.java branches/3.1.1/admin/config-api/src/main/java/com/sun/enterprise/config/serverbeans/SecureAdmin.java branches/3.1.1/admin/util/src/main/java/com/sun/enterprise/admin/remote/RemoteAdminCommand.java Added Paths: ------------ branches/3.1.1/security/core/src/main/java/com/sun/enterprise/security/admin/cli/SecureAdminHelperImpl.java branches/3.1.1/admin/config-api/src/main/java/com/sun/enterprise/config/serverbeans/SecureAdminInternalUser.java branches/3.1.1/admin/config-api/src/main/java/com/sun/enterprise/config/serverbeans/SecureAdminHelper.java

            People

            • Assignee:
              Tim Quinn
              Reporter:
              Tim Quinn
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: