Re: why do we need 8096?

2013-09-06 Thread Rohit Yadav
I've had such discussions before and I've tried to fix this but could justify properly as there could be other layers who may want to directly exploit CloudStack's APIs for example a business/billing/management layer. I think for security's sake among many ways -- move this behaviour out as a plugi

Re: why do we need 8096?

2013-09-04 Thread Prasanna Santhanam
On Wed, Sep 04, 2013 at 08:21:10PM +0200, Ove Ewerlid wrote: > On 09/04/2013 08:03 PM, Darren Shepherd wrote: > >On 09/04/2013 10:52 AM, Mathias Mullins wrote: > >>Hi Darren, > >> > >>It's a very commonly used port for many installations that want an > >>unauthenticated API access, especially from

Re: why do we need 8096?

2013-09-04 Thread Darren Shepherd
On 09/04/2013 11:04 AM, Marcus Sorensen wrote: It's not default, and it is nice to have. Users have to set the integration port to enabled. Ah thats good to know. That makes me feel a little better. Darren

Re: why do we need 8096?

2013-09-04 Thread Ove Ewerlid
On 09/04/2013 08:03 PM, Darren Shepherd wrote: On 09/04/2013 10:52 AM, Mathias Mullins wrote: Hi Darren, It's a very commonly used port for many installations that want an unauthenticated API access, especially from other tools and systems. I think getting rid of this would be really bad idea.

Re: why do we need 8096?

2013-09-04 Thread Marcus Sorensen
It's not default, and it is nice to have. Users have to set the integration port to enabled. On Wed, Sep 4, 2013 at 12:03 PM, Darren Shepherd wrote: > On 09/04/2013 10:52 AM, Mathias Mullins wrote: >> >> Hi Darren, >> >> It's a very commonly used port for many installations that want an >> unauth

Re: why do we need 8096?

2013-09-04 Thread Darren Shepherd
On 09/04/2013 10:52 AM, Mathias Mullins wrote: Hi Darren, It's a very commonly used port for many installations that want an unauthenticated API access, especially from other tools and systems. I think getting rid of this would be really bad idea. Sigh, I just hate the "totally insecure by de

RE: why do we need 8096?

2013-09-04 Thread Musayev, Ilya
Wednesday, September 04, 2013 1:52 PM > To: dev@cloudstack.apache.org > Subject: Re: why do we need 8096? > > Hi Darren, > > It's a very commonly used port for many installations that want an > unauthenticated API access, especially from other tools and systems. I think > g

Re: why do we need 8096?

2013-09-04 Thread Mathias Mullins
Hi Darren, It's a very commonly used port for many installations that want an unauthenticated API access, especially from other tools and systems. I think getting rid of this would be really bad idea. Matt On 9/4/13 1:49 PM, "Darren Shepherd" wrote: >Why do we need an unauthenticated backdoo

why do we need 8096?

2013-09-04 Thread Darren Shepherd
Why do we need an unauthenticated backdoor? Is there any chance we can just get rid of that entry point to CloudStack? Darren