  1. Undertow
  2. UNDERTOW-254

IPAddressAccessControlHandler should allow for alternative error codes


Details

    • Low

    Description

      The `IPAddressAccessControlHandler` returns a 403 (Forbidden) when a caller is not allowed through. This handler is a nice bit of functionality for the use of CIDR rules.

      However, sometimes an application may want to return a 404 (Not Found) when they don't want to expose sensitive administrative endpoints. This is important when a service is exposed externally.

      The `IPAddressAccessControlHandler` can be subclassed and the `handleRequest` method overwritten, but the return code cannot be altered and the `isAllowed` function is package private.

      To solve this, either `isAllowed` should be changed to be protected or the return code should be settable.


          People

            sdouglas1@redhat.com Stuart Douglas
            vonnagy Ivan von Nagy (Inactive)

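An added example, not Undertow's code or the reporter's: one way to get the behavior the description asks for with a standalone handler instead of subclassing. `CidrDenyStatusHandler` and its methods are hypothetical names; it assumes an Undertow release that provides `HttpServerExchange.setStatusCode` and covers IPv4 CIDR rules only.

```java
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import java.net.Inet4Address;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.List;

// Hypothetical handler (not part of Undertow): IPv4 CIDR allow list with a configurable deny status.
public final class CidrDenyStatusHandler implements HttpHandler {
    private final HttpHandler next;
    private final int denyStatus;                           // e.g. 404 instead of 403
    private final List<int[]> allowed = new ArrayList<>();  // each entry is {network, mask}
    public CidrDenyStatusHandler(HttpHandler next, int denyStatus) {
        this.next = next;
        this.denyStatus = denyStatus;
    }

    // Expects an IPv4 literal with a prefix length, such as "10.0.0.0/8" (constructed sample value).
    public CidrDenyStatusHandler addAllow(String cidr) throws UnknownHostException {
        String[] parts = cidr.split("/");
        int prefix = parts.length == 2 ? Integer.parseInt(parts[1]) : -1;
        InetAddress net = InetAddress.getByName(parts[0]);
        if (prefix < 0 || prefix > 32 || !(net instanceof Inet4Address))
            throw new IllegalArgumentException("Not an IPv4 CIDR: " + cidr);
        int mask = prefix == 0 ? 0 : -1 << (32 - prefix);   // Java shifts are mod 32, so /0 is special-cased
        allowed.add(new int[] { ByteBuffer.wrap(net.getAddress()).getInt() & mask, mask });
        return this;
    }
    // Fails closed: null (unresolved) peers and non-IPv4 peers are never allowed.
    public boolean isAllowed(InetAddress addr) {
        if (!(addr instanceof Inet4Address)) return false;
        int ip = ByteBuffer.wrap(addr.getAddress()).getInt();
        for (int[] rule : allowed) if ((ip & rule[1]) == rule[0]) return true;
        return false;
    }

    @Override
    public void handleRequest(HttpServerExchange exchange) throws Exception {
        InetSocketAddress peer = exchange.getSourceAddress();
        if (peer != null && isAllowed(peer.getAddress())) {
            next.handleRequest(exchange);
            return;
        }
        exchange.setStatusCode(denyStatus);                 // same status for every denied caller
        exchange.endExchange();
    }
}
```

Behind a reverse proxy, `getSourceAddress()` reports the proxy's address unless forwarded-address handling runs earlier in the handler chain, so the allow list must be evaluated against the real client address. A 404 used to hide an endpoint only helps if its headers and body match what the server returns for paths that do not exist.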