Loading...

XML

Word

Printable

Details

Type: Enhancement
Resolution: Done
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
- bq

Fuse Progress Bar:

% %

SFDC Cases Counter:
SFDC Cases Links:

Description

In Hawtio, if you access the Insight Logs console, multiple requests are made to the insight-console container and also backend nodes with insight profiles deployed.

This presents a problem where only the container with the insight-console is accessible to the end user. Moreover, if all insight containers are made available to the end user, the insight ports are not protected:

~~~
curl 'http://172.17.0.4:9200/_nodes' -H 'Origin: http://172.17.0.2:8181' -H 'Accept-Encoding: gzip, deflate, sdch' -H 'Accept-Language: en-US,en;q=0.8' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36' -H 'Accept: application/json, text/plain, /' -H 'Referer: http://172.17.0.2:8181/hawtio/insight/dashboard?kbnId=app%2Finsight%2Fdashboards%2Flogs&p=insight&tab=insight-logs' -H 'Connection: keep-alive' --compressed
~~~

Attachments

Issue Links

is related to

ENTESB-6467 [Hawtio] Insight view is not working in HTTPS mode

Closed

Activity

People

Assignee:: Andrea Tarocchi (Inactive)

Reporter:: Stephen Higgs

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2017/05/30 4:58 PM

Updated:: 2021/10/24 6:08 AM

Resolved:: 2017/10/10 5:38 AM