mirror of https://github.com/apache/cloudstack.git
9988c269b2
* Cleanup and Improve NetUtils This class had many unused methods, inconsistent names and redundant code. This commit cleans up code, renames a few methods and constants. The global/account setting 'api.allowed.source.cidr.list' is set to 0.0.0.0/0,::/0 by default preserve the current behavior and thus allow API calls for accounts from all IPv4 and IPv6 subnets. Users can set it to a comma-separated list of IPv4/IPv6 subnets to restrict API calls for Admin accounts to certain parts of their network(s). This is to improve Security. Should an attacker steal the Access/Secret key of an account he/she still needs to be in a subnet from where accounts are allowed to perform API calls. This is a good security measure for APIs which are connected to the public internet. Signed-off-by: Wido den Hollander <wido@widodh.nl> |
||
|---|---|---|
| .. | ||
| acl | ||
| affinity-group-processors | ||
| alert-handlers | ||
| api | ||
| ca/root-ca | ||
| database | ||
| dedicated-resources | ||
| deployment-planners | ||
| event-bus | ||
| file-systems/netapp | ||
| ha-planners/skip-heurestics | ||
| host-allocators/random | ||
| hypervisors | ||
| integrations | ||
| metrics | ||
| network-elements | ||
| outofbandmanagement-drivers | ||
| storage | ||
| storage-allocators/random | ||
| user-authenticators | ||
| pom.xml | ||