[MAGNOLIA-7959] Extract IP security out of core Created: 09/Dec/20 Updated: 09/Dec/20 |
|
| Status: | Selected |
| Project: | Magnolia |
| Component/s: | security |
| Affects Version/s: | 6.2.5 |
| Fix Version/s: | None |
| Type: | Task | Priority: | Neutral |
| Reporter: | Mikaël Geljić | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | ipconfig, mpc | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Template: |
|
||||||||
| Acceptance criteria: |
Empty
|
||||||||
| Task DoR: |
Empty
|
||||||||
| Description |
|
IPSecurityManager / IPConfig is not a widely used feature. Trend goes further towards filtering IPs on a higher level, in front of Magnolia itself, at least for IP concerns. On the other hand, allowed-method concerns should leverage CORS to control resource access. Therefore I'm proposing to deprecate the IPSecurityManager, and extract it along with its filter to a new community module, outside of magnolia-core. The new module should consider external file-based configuration instead (in order to decouple from runtime changes and recover from lock-out scenarios). |