Barbican presupposes HTTP use

Bug #1258598 reported by Craig Tracey on 2013-12-06
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fix Released
Craig Tracey

Bug Description

Currently the host_href configuration directive only includes the netloc portion of an HREF. Further, barbican/ presupposes that host_href should point at an HTTP endpoint and prepends "http://". For those who may be placing Barbican behind something like haproxy with SSL termination, this will not be adequate.

Changed in barbican:
assignee: nobody → Craig Tracey (craigtracey)

Fix proposed to branch: master

Changed in barbican:
status: New → In Progress
description: updated

Submitter: Jenkins
Branch: master

commit 9d3561f8b269878a743335d2d3fe5caff001491d
Author: Craig Tracey <email address hidden>
Date: Fri Dec 6 12:49:14 2013 -0500

    host_href should include scheme

    Barbican should not presuppose that host_href will be an HTTP endpoint.
    This does not work when SSL is being used (ie. in the case there
    haproxy is performing SSL termination for Barbican)

    This change simply requires that host_href include the scheme to be
    used when providing secret and/or order refs.

    Change-Id: I22f6b13b693801322716d4c43ce8d508eca114dd
    Closes-Bug: #1258598

Changed in barbican:
status: In Progress → Fix Committed
John Wood (john-wood-w) on 2014-01-21
Changed in barbican:
milestone: none → havana-2
milestone: havana-2 → havana-1
importance: Undecided → High
milestone: havana-1 → icehouse-2
milestone: icehouse-2 → icehouse-1
Changed in barbican:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers