valveRemoteAddrValveForm.java RemoteHostValveForm.java ValveUtil.java

Remy Maucherat Tue, 11 Feb 2003 02:22:39 -0800

[EMAIL PROTECTED] wrote:

amyroh      2003/02/10 18:27:15


  Modified:    webapps/admin build.xml
               webapps/admin/WEB-INF/classes/org/apache/webapp/admin
                        ApplicationResources_en.properties
                        ApplicationResources_es.properties
               webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve
                        RemoteAddrValveForm.java RemoteHostValveForm.java
                        ValveUtil.java
  Log:
  Add validation for RemoteAddrValve and  RemoteHostValve to prevent
  installing a filter that prevents the admin's own access.

I don't understand what this does over the stanadard remote host/addr valves.
If the maintainer of server.xml wishes to deny access to the "admin", then he has the right to do so IMO. I don't agree with forcing the localhost to have access, essentially. I may have an idea of where this new "feature" is coming from ;-)

I'll have to veto this patch unless there is a real justification for it, other than (apparently) imaginary usability concerns (I will not integrate this patch in 4.1.20).

Remy

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: cvs commit: jakarta-tomcat-4.0/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valveRemoteAddrValveForm.java RemoteHostValveForm.java ValveUtil.java

Reply via email to