-
Task
-
Resolution: Unresolved
-
Neutral
-
None
-
6.2.5
-
-
Empty show more show less
-
Empty show more show less
IPSecurityManager / IPConfig is not a widely used feature. Trend goes further towards filtering IPs on a higher level, in front of Magnolia itself, at least for IP concerns. On the other hand, allowed-method concerns should leverage CORS to control resource access.
Therefore I'm proposing to deprecate the IPSecurityManager, and extract it along with its filter to a new community module, outside of magnolia-core.
The new module should consider external file-based configuration instead (in order to decouple from runtime changes and recover from lock-out scenarios).
Acceptance criteria
- depends upon
-
MAGNOLIA-1617 Extract ip security out of URISecurityFilter
- Closed