Actions
Feature #9460
closedExtend authorize_with_trusted_hosts in proxy with subnets support
Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Smart Proxy Plugin
Description
Currently we had to turn authorize_with_trusted_hosts off because discovered hosts were not able to register (the method checks for DNS and reverse DNS).
Proper fix is to implement new behavior - authorize_with_trusted_hosts should accept range(s) of IP addresses (subnets) for which clients are authorized. Then we need to re-enable this again for the smart_proxy_discovery.
Users will need to set this in YAML file prior discovering.
Updated by Lukas Zapletal over 10 years ago
- Related to Bug #9459: Unable to register discovered host via https proxy added
Updated by Lukas Zapletal over 10 years ago
I think I found a better solution to this problem: http://projects.theforeman.org/issues/9482
Updated by Lukas Zapletal over 10 years ago
- Related to Bug #9482: Allow patterns for authorization filters as a parameter added
Updated by Lukas Zapletal over 10 years ago
- Status changed from New to Rejected
Ok the workaround in the #9459 is fail enough. Closing this one, we will have a different ticket in regard to improving security from the discovered nodes.
Actions