[jira] [Closed] (UIMA-5440) DUCC WebServer (WS) should provide secure file-based login
[ https://issues.apache.org/jira/browse/UIMA-5440?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lou DeGenaro closed UIMA-5440. -- > DUCC WebServer (WS) should provide secure file-based login > --- > > Key: UIMA-5440 > URL: https://issues.apache.org/jira/browse/UIMA-5440 > Project: UIMA > Issue Type: Improvement > Components: DUCC >Reporter: Lou DeGenaro >Assignee: Lou DeGenaro > Fix For: 2.2.1-Ducc > > > DUCC Webserver supports a Linux-based login plugin. Another useful login > plugin (secure file) would work as follows: > 1. generate a single use password in a file-based location that only the user > can view each time a login is attempted > 2. check the user login specified password with the generated password for a > match and only then grant login -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Resolved] (UIMA-5440) DUCC WebServer (WS) should provide secure file-based login
[ https://issues.apache.org/jira/browse/UIMA-5440?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lou DeGenaro resolved UIMA-5440. Resolution: Fixed Change set is delivered. > DUCC WebServer (WS) should provide secure file-based login > --- > > Key: UIMA-5440 > URL: https://issues.apache.org/jira/browse/UIMA-5440 > Project: UIMA > Issue Type: Improvement > Components: DUCC >Reporter: Lou DeGenaro >Assignee: Lou DeGenaro > Fix For: 2.2.1-Ducc > > > DUCC Webserver supports a Linux-based login plugin. Another useful login > plugin (secure file) would work as follows: > 1. generate a single use password in a file-based location that only the user > can view each time a login is attempted > 2. check the user login specified password with the generated password for a > match and only then grant login -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (UIMA-5440) DUCC WebServer (WS) should provide secure file-based login
[ https://issues.apache.org/jira/browse/UIMA-5440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16039459#comment-16039459 ] Lou DeGenaro commented on UIMA-5440: Support for new authentication plugin specified in site.ducc.properties: ducc.authentication.implementer=org.apache.uima.ducc.ws.authentication.SecureFileAuthenticator User is prompted for ducc-mon login userid upon first site visit, which is kept in a cookie. Erasure of cookie will cause re-prompt upon next visit. User specification of alternate userid on Login panel will also cause cookie to be re-written. User Login panel is pre-filled with login user from cookie. Cookie arrival at WebServer (WS) causes creation of new /.ducc/.login.pw file to be created and populated if not already in existence. is specified in site.ducc.properties, but defaults to user's home directory otherwise. Each ducc-mon login attempt WS checks user specified password with the previously generated one and only a match will permit login. Each ducc-mon login attempt causes a replacement pw to be generated into the login.pw file, thus each pw is single use. Password generator is Python script that generates passwords of length 8-16 characters from the letters A-Z,a-z,0-9. > DUCC WebServer (WS) should provide secure file-based login > --- > > Key: UIMA-5440 > URL: https://issues.apache.org/jira/browse/UIMA-5440 > Project: UIMA > Issue Type: Improvement > Components: DUCC >Reporter: Lou DeGenaro >Assignee: Lou DeGenaro > Fix For: 2.2.1-Ducc > > > DUCC Webserver supports a Linux-based login plugin. Another useful login > plugin (secure file) would work as follows: > 1. generate a single use password in a file-based location that only the user > can view each time a login is attempted > 2. check the user login specified password with the generated password for a > match and only then grant login -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Work started] (UIMA-5440) DUCC WebServer (WS) should provide secure file-based login
[ https://issues.apache.org/jira/browse/UIMA-5440?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on UIMA-5440 started by Lou DeGenaro. -- > DUCC WebServer (WS) should provide secure file-based login > --- > > Key: UIMA-5440 > URL: https://issues.apache.org/jira/browse/UIMA-5440 > Project: UIMA > Issue Type: Improvement > Components: DUCC >Reporter: Lou DeGenaro >Assignee: Lou DeGenaro > Fix For: 2.2.1-Ducc > > > DUCC Webserver supports a Linux-based login plugin. Another useful login > plugin (secure file) would work as follows: > 1. generate a single use password in a file-based location that only the user > can view each time a login is attempted > 2. check the user login specified password with the generated password for a > match and only then grant login -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Deleted] (UIMA-5443) Experiment pages with restarted access should not be visible to others
[ https://issues.apache.org/jira/browse/UIMA-5443?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Burn Lewis deleted UIMA-5443: - > Experiment pages with restarted access should not be visible to others > -- > > Key: UIMA-5443 > URL: https://issues.apache.org/jira/browse/UIMA-5443 > Project: UIMA > Issue Type: Bug >Reporter: Burn Lewis >Priority: Minor > > Experiment pages are accessed via duccling even when the owner is not logged > in. Code should run duccling as the EffectiveUser, not as the owner of the > experiment. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (UIMA-5443) Experiment pages with restarted access should not be visible to others
Burn Lewis created UIMA-5443: Summary: Experiment pages with restarted access should not be visible to others Key: UIMA-5443 URL: https://issues.apache.org/jira/browse/UIMA-5443 Project: UIMA Issue Type: Bug Components: DUCC Reporter: Burn Lewis Priority: Minor Fix For: future-DUCC Experiment pages are accessed via duccling even when the owner is not logged in. Code should run duccling as the EffectiveUser, not as the owner of the experiment. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (UIMA-5442) uv3 backward compatibility: add casImpl v2 public methods for Type access
Marshall Schor created UIMA-5442: Summary: uv3 backward compatibility: add casImpl v2 public methods for Type access Key: UIMA-5442 URL: https://issues.apache.org/jira/browse/UIMA-5442 Project: UIMA Issue Type: Improvement Components: Core Java Framework Reporter: Marshall Schor Assignee: Marshall Schor Priority: Minor Fix For: 3.0.0SDK-beta The CASImpl implements a set of methods to access the current type system, such as isStringType(Type), isArrayType(Type), etc. Some existing code is making use of these. Add these for backwards compatibility. -- This message was sent by Atlassian JIRA (v6.3.15#6346)