Openbravo Issue Tracking System - Retail Modules
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0048767Retail ModulesWeb POS Hardware Managerpublic2022-03-11 10:112022-03-23 12:25
Reporteradrianromero 
Assigned Toyogaskarnik 
PrioritynormalSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in VersionRR22Q2 
Merge Request Statusapproved
Review Assigned To
OBNetwork customerNo
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0048767: Sets default server.allowedhost property to localhost
DescriptionDefault configuration of the Hardware Manager allows any host to use its exposed services.

As a security measure, by default, only localhost must be allowed to use the Hardware Manager services. This is also the most common deployment environment. Only in very especific situations the Hardware Manager is deployed to expose its services to other hosts.
Steps To ReproduceN/A
Proposed SolutionSet server.allowedhost default value to localhost.

Also expose this value to logging and display it in the Hardware Manager UI Web Server tab. It should be managed in a similar way other server properties are managed like server.fqdn, server.port, ...


Additional Information
TagsNo tags attached.
Relationships
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2022-03-11 10:11adrianromeroNew Issue
2022-03-11 10:11adrianromeroAssigned To => Triage Platform Conn
2022-03-11 10:11adrianromeroOBNetwork customer => No
2022-03-11 10:11adrianromeroTriggers an Emergency Pack => No
2022-03-11 10:12adrianromeroAssigned ToTriage Platform Conn => yogaskarnik
2022-03-11 10:12adrianromeroStatusnew => scheduled
2022-03-22 17:20hgbotMerge Request Status => open
2022-03-22 17:20hgbotNote Added: 0135923
2022-03-22 17:57hgbotMerge Request Statusopen => approved
2022-03-22 18:15hgbotNote Added: 0135934
2022-03-23 12:23hgbotResolutionopen => fixed
2022-03-23 12:23hgbotStatusscheduled => closed
2022-03-23 12:23hgbotFixed in Version => RR22Q2
2022-03-23 12:23hgbotNote Added: 0135960
2022-03-23 12:23hgbotNote Added: 0135961
2022-03-23 12:25hgbotNote Added: 0135963
2022-03-23 12:25hgbotNote Added: 0135964

Notes
(0135923)
hgbot   
2022-03-22 17:20   
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.poshwmanager.sources/-/merge_requests/58 [^]
(0135934)
hgbot   
2022-03-22 18:15   
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.poshwmanager/-/merge_requests/41 [^]
(0135960)
hgbot   
2022-03-23 12:23   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.poshwmanager [^]
Changeset: 85ac57d3fb6445d75f87668687d151b3f066be09
Author: Yogas Karnik <yogas.karnik@openbravo.com>
Date: 22-03-2022 18:14:10
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.poshwmanager/-/commit/85ac57d3fb6445d75f87668687d151b3f066be09 [^]

Fixes ISSUE-0048767: Added default value for allowed host in OBHW properties

---
M .gitignore
M bin/openbravohw.properties
M bin/poshw.jar
M bin/rev.id
---
(0135961)
hgbot   
2022-03-23 12:23   
Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.poshwmanager/-/merge_requests/41 [^]
(0135963)
hgbot   
2022-03-23 12:25   
Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.poshwmanager.sources/-/merge_requests/58 [^]
(0135964)
hgbot   
2022-03-23 12:25   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.poshwmanager.sources [^]
Changeset: 4fcf9b9580afe71ca02e61f527e14098a595e743
Author: Yogas Karnik <yogas.karnik@openbravo.com>
Date: 23-03-2022 11:25:57
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.poshwmanager.sources/-/commit/4fcf9b9580afe71ca02e61f527e14098a595e743 [^]

Fixes ISSUE-0048767: Sets and logs default allowed host property to localhost

---
M project/openbravohw.properties
M project/src/com/openbravo/poshw/AppConfig.java
M project/src/com/openbravo/poshw/server/ServerManagerJetty.java
---