Uploaded image for project: 'ngrinder'
  1. ngrinder
  2. NGRINDER-644

SVN access doesn't block the illegal access

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 3.2.1
    • Fix Version/s: 3.2.2
    • Component/s: controller
    • Labels:
      None

      Description

      Since ngrinder 3.2, SVN doesn't block the access from illegal access. Everybody can access the other's svn without any http basic auth info.

      Actually, there are http basic auth protection, but it is not applied because it's configured to permit even illegal accesses.

      The quick workaround to prevent this problem is following.

      Open /WEB-INF/classes/applicationContext-security.xml
      and modify following line

      <intercept-url pattern="/svn/**"/>
      into

      <intercept-url pattern="/svn/**" access="A, S, U"/>

        Activity

        Hide
        junoyoon JunHo Yoon added a comment -

        Fixed

        Show
        junoyoon JunHo Yoon added a comment - Fixed

          People

          • Assignee:
            junoyoon JunHo Yoon
            Reporter:
            junoyoon JunHo Yoon
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: