Project SimpleProject Type: software

Project Simple

Uploaded image for project: 'Project Simple'
  1. Project Simple
  2. ST-228

Security - Deny access to unauthorized users

    Details

    • Type: Enhancement
    • Status: Closed
    • Priority: High
    • Resolution: Done
    • Component/s: BenAdmin
    • Labels:
      None
    • Module:
      BenAdmin - Security
    • Reported by:
      Harbinger
    • Item State:
      Production Complete - Closed

      Description

      Actual
      If user enters url "https://wt-stage/Platform/common/UploadFilePost" then default Error page is displayed if we forcefully browse the URL without login.

      Expected
      User should redirect to Login Page

        Attachments

          Issue Links

          is duplicated by

          Enhancement - An improvement or enhancement to an existing feature or task. ST-232 Information Disclosure for File Upload URL

          • Medium - Has the potential to affect progress.
          • Closed

            Activity

            Ascending order - Click to sort in descending order
            vikas.pawar Vikas Pawar (Inactive) created issue -
            vikas.pawar Vikas Pawar (Inactive) made changes -
            Field Original Value New Value
            Assignee Vikas Pawar [ vikas.pawar ]
            vikas.pawar Vikas Pawar (Inactive) made changes -
            Status New Request [ 10029 ] Pending for Approval [ 10002 ]
            vikas.pawar Vikas Pawar (Inactive) made changes -
            Status Pending for Approval [ 10002 ] Approved for Development [ 10003 ]
            vikas.pawar Vikas Pawar (Inactive) made changes -
            Status Approved for Development [ 10003 ] In Development [ 10007 ]
            vikas.pawar Vikas Pawar (Inactive) made changes -
            Component/s BenAdmin [ 10100 ]
            vikas.pawar Vikas Pawar (Inactive) made changes -
            Module Parent values: Platform(10106)Level 1 values: Security(10115) Parent values: BenAdmin(10100)
            vikas.pawar Vikas Pawar (Inactive) made changes -
            Module Parent values: BenAdmin(10100) Parent values: BenAdmin(10100)Level 1 values: Security(10112)
            Hide
            Permalink
            vikas.pawar Vikas Pawar (Inactive) added a comment -

            Denied access to unauthorized users in web.config

            Show
            vikas.pawar Vikas Pawar (Inactive) added a comment - Denied access to unauthorized users in web.config
            vikas.pawar Vikas Pawar (Inactive) made changes -
            Summary Information Disclosure for File Upload URL Security - Deny access to unauthorized users
            vikas.pawar Vikas Pawar (Inactive) made changes -
            Description *Actual*
            Default Error page is displayed if we forcefully browse the URL without login.

            *Expected*
            Redirect to Login Page
            		*Actual*
            If user enters url "https://wt-stage/Platform/common/UploadFilePost" then default Error page is displayed if we forcefully browse the URL without login.

            *Expected*
            User should redirect to Login Page
            vijayendra Vijayendra Shinde (Inactive) made changes -
            Assignee Vikas Pawar [ vikas.pawar ] Vijayendra Shinde [ ID10506 ]
            vijayendra Vijayendra Shinde (Inactive) made changes -
            Issue Category EBS [ 10350 ] Harbinger [ 10700 ]
            vijayendra Vijayendra Shinde (Inactive) made changes -
            Link This issue is duplicated by ST-232 [ ST-232 ]
            vijayendra Vijayendra Shinde (Inactive) made changes -
            Assignee Vijayendra Shinde [ ID10506 ] Deepali Tidke [ deepalit ]
            Hide
            Permalink
            deepalit Deepali Tidke (Inactive) added a comment -

            This is duplicate of ST-232 , hence closing this ticket

            Show
            deepalit Deepali Tidke (Inactive) added a comment - This is duplicate of ST-232 , hence closing this ticket
            deepalit Deepali Tidke (Inactive) made changes -
            Status In Development [ 10007 ] Local Testing [ 10200 ]
            deepalit Deepali Tidke (Inactive) made changes -
            Status Local Testing [ 10200 ] Pending for Stage Approval [ 10300 ]
            deepalit Deepali Tidke (Inactive) made changes -
            Status Pending for Stage Approval [ 10300 ] Approved for Stage [ 10030 ]
            deepalit Deepali Tidke (Inactive) made changes -
            Status Approved for Stage [ 10030 ] Stage Testing [ 10201 ]
            deepalit Deepali Tidke (Inactive) made changes -
            Status Stage Testing [ 10201 ] Pending for Production Approval [ 10301 ]
            deepalit Deepali Tidke (Inactive) made changes -
            Status Pending for Production Approval [ 10301 ] Approved for production [ 10034 ]
            deepalit Deepali Tidke (Inactive) made changes -
            Status Approved for production [ 10034 ] Production Testing [ 10202 ]
            deepalit Deepali Tidke (Inactive) made changes -
            Resolution Fixed [ 1 ]
            Status Production Testing [ 10202 ] Production Complete [ 10028 ]
            deepalit Deepali Tidke (Inactive) made changes -
            Item State Parent values: Production Complete(10222)Level 1 values: Closed(10223)
            deepalit Deepali Tidke (Inactive) made changes -
            Status Production Complete [ 10028 ] Closed [ 6 ]
            vijayendra Vijayendra Shinde (Inactive) made changes -
            Link This issue relates to DEV-13718 [ DEV-13718 ]
            Transition Time In Source Status Execution Times
            Vikas Pawar (Inactive) made transition -
            New Request Pending for Approval
            		56s 1
            Vikas Pawar (Inactive) made transition -
            Pending for Approval Approved for Development
            		2s 1
            Vikas Pawar (Inactive) made transition -
            Approved for Development In Development
            		2s 1
            Deepali Tidke (Inactive) made transition -
            In Development In LB Testing
            		26d 19h 20m 1
            Deepali Tidke (Inactive) made transition -
            In LB Testing Pending for Stage Approval
            		4s 1
            Deepali Tidke (Inactive) made transition -
            Pending for Stage Approval Approved for Stage
            		1s 1
            Deepali Tidke (Inactive) made transition -
            Approved for Stage Stage Testing
            		1s 1
            Deepali Tidke (Inactive) made transition -
            Stage Testing Pending for Production Approval
            		2s 1
            Deepali Tidke (Inactive) made transition -
            Pending for Production Approval Approved for production
            		1s 1
            Deepali Tidke (Inactive) made transition -
            Approved for production In Production Testing
            		1s 1
            Deepali Tidke (Inactive) made transition -
            In Production Testing Production Complete
            		5s 1
            Deepali Tidke (Inactive) made transition -
            Production Complete Closed
            		10s 1

              People

              Assignee:
              deepalit Deepali Tidke (Inactive)
              Reporter:
              vikas.pawar Vikas Pawar (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: