EHC ❯ reloadConfiguration JMX service does not mandate any authorization

• Type: Bug
• Status: Closed
• Priority: 2 Major
• Resolution: Won't Fix
• Component/s:
• Labels:

• Assignee: drb
• Reporter: lorban
• Created: January 11, 2013
• Votes: 0
• Watchers: 1
• Updated:

  January 11, 2013
• Resolved:

  January 11, 2013

Description

The reloadConfiguration JMX service in the L2 should only be accessible by a user with the admin role when the L2 runs secured, just like the shutdown JMX service. It currently isn’t the case.

Comments

Ludovic Orban 2013-01-11

Wrong project.