Kbase P17654: Using HTTP direct sending inbound messages, does the client
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
21/03/2003 |
|
Status: Unverified
GOAL:
Using HTTP direct sending inbound messages, does the client send the username and password or can any HTTP client connect to an inbound url and perform action.
FACT(s) (Environment):
SonicMQ 4.0.2
FIX:
HTTP-Direct does not do authentication of the user. The administrator configures a url for some action (e.g. read or write to a queue). Anyone who can access the url is, able to perform this action.