[MAGNOLIA-7958] Sound defaults for IPConfig rules Created: 09/Dec/20 Updated: 09/Dec/20 |
|
| Status: | Accepted |
| Project: | Magnolia |
| Component/s: | security |
| Affects Version/s: | 6.2.5 |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Neutral |
| Reporter: | Mikaël Geljić | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | ipconfig | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Template: |
|
||||||||
| Acceptance criteria: |
Empty
|
||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||
| Description |
|
IPSecurityManagerImpl has been backed by a mere HashMap (fixed IP or * -> rule) forever. Although not a widely used feature (and trend goes further towards filtering IPs on a higher level, in front of Magnolia itself), it is quite error prone in its current incarnation. In particular, introducing new rules or cloning from the default wildcard rule through the Admincentral should not lock the user out before filling in meaningful values. Options:
|