Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

/Share/Service/Index open to public

iseyfi
Champ in-the-making
Champ in-the-making

‎06-09-2010 03:06 PM

We are using Alfresco 3.3. We just realized /share/service/index is open to public. Anyone can get to it. They are able to list, update, download and refresh scripts. This does not seem to be the case with /alfresco/service/index.

Does anyone know if there is a quick workaround to this problem? This also brings another question whether any of the Share web scripts authentications are working.
Labels:
0 Kudos
1 REPLY 1

mikeh
Star Contributor
Star Contributor

‎06-09-2010 03:22 PM

It's fixed on 3.3G, to be released this week. Having said that, there's not much of a security risk as all data REST APIs are via the Repository, which ensures the user is correctly authenticated.

Just one clarification: users can't update scripts via the /share/service/index

Thanks,
Mike
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC