Project

General

Custom queries

Profile

Actions
Copy link

Feature #9460

closed

Extend authorize_with_trusted_hosts in proxy with subnets support

Added by Lukas Zapletal over 10 years ago. Updated over 10 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Smart Proxy Plugin
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Currently we had to turn authorize_with_trusted_hosts off because discovered hosts were not able to register (the method checks for DNS and reverse DNS).

Proper fix is to implement new behavior - authorize_with_trusted_hosts should accept range(s) of IP addresses (subnets) for which clients are authorized. Then we need to re-enable this again for the smart_proxy_discovery.

Users will need to set this in YAML file prior discovering.

Related issues 2 (0 open2 closed)

Related to Discovery - Bug #9459: Unable to register discovered host via https proxyClosedLukas Zapletal02/19/2015Actions
Related to Smart Proxy - Bug #9482: Allow patterns for authorization filters as a parameterRejectedLukas Zapletal02/20/2015Actions
Actions
Copy link
 #1

Updated by Lukas Zapletal over 10 years ago

  • Related to Bug #9459: Unable to register discovered host via https proxy added
Actions
Copy link
 #2

Updated by Lukas Zapletal over 10 years ago

I think I found a better solution to this problem: http://projects.theforeman.org/issues/9482

Actions
Copy link
 #3

Updated by Lukas Zapletal over 10 years ago

  • Related to Bug #9482: Allow patterns for authorization filters as a parameter added
Actions
Copy link
 #4

Updated by Lukas Zapletal over 10 years ago

  • Status changed from New to Rejected

Ok the workaround in the #9459 is fail enough. Closing this one, we will have a different ticket in regard to improving security from the discovered nodes.

Actions
Copy link

Also available in: Atom PDF