Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Add ability to restrict anonymous connections

Description

Right now, anyone can connect to the server anonymously when anonymous connections are enabled. To improve security but still allow service that need anonymous connections, add a mode so that only certain IP's or IP address ranges were allowed to login anonymously. Entries would be in the form:

192.168.1.100 or 192.168.1.*

Environment

None

Activity

Show:

Gaston Dombiak July 19, 2005 at 4:51 AM

In the "Registration and Login" page it is now possible to define the list of IP addresses (and ranges) that are allowed to login. If the list is empty then anyone may log in but if not then login is allowed only for the IP addressed defined there.

The information is stored as a system property. It is possible to define full IP addresses (eg. 10.85.90.20) or ranges (eg. 10.85.90., 10.85..* or 10...*). The restriction does not only apply to anonymous connections but to any client connection to the server. In case the client is not allowed a not_authorized (ie. stream error) error is returned. If the restriction is set up after users have logged in then the existing connections WILL NOT be closed.

MattM July 18, 2005 at 8:01 AM

So, what was the fix? Would be good to include details to have as history.

ConorC March 21, 2005 at 5:59 PM

This feature could|should apply to non-anonymous logins as well.

Fixed

Details

Assignee

Reporter

Components

Fix versions

Affects versions

Priority

Created February 2, 2005 at 8:36 AM
Updated July 19, 2005 at 4:51 AM
Resolved July 16, 2005 at 11:08 AM