[
https://issues.apache.org/jira/browse/GEODE-2670?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15941766#comment-15941766
]
ASF subversion and git services commented on GEODE-2670:
--------------------------------------------------------
Commit 89a5da8c4f416396b799a7ea9cbc32f63381a492 in geode's branch
refs/heads/release/1.1.1 from [~jinmeiliao]
[ https://git-wip-us.apache.org/repos/asf?p=geode.git;h=89a5da8 ]
GEODE-2670: Update pulse endpoint interceptors
(cherry picked from commit 5b71c4b5b99a62063453535c9604df7e4be460fe)
> pulse with integrated security has authentication and authorization issues
> --------------------------------------------------------------------------
>
> Key: GEODE-2670
> URL: https://issues.apache.org/jira/browse/GEODE-2670
> Project: Geode
> Issue Type: Bug
> Components: pulse, security
> Reporter: Jinmei Liao
> Assignee: Jinmei Liao
> Fix For: 1.2.0
>
>
> Steps to reproduce:
> 1) in gfsh, start up a locator with a security manager
> 2) in the browser, try to connect to pulse: http://localhost:7070/pulse
> 3) when presented a login page, try a invalid username/password.
> 4) when getting "incorrect password" hint, use the same username, try using
> the correct password for that user. It would still say "incorrect password".
> Also, repeat above step 1 and 2,
> 3), use a correct username and password that only have cluster:read previlage.
> 4) try to access the dataBrowser.html, expect to get denied access, but is
> still able to access.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
