You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to togglz...@googlegroups.com
Hi,
I'm new to togglz and evalutaing it for our new project. Having an admin console to enbale/disable functionalities is great, but it looks like anyone can access the admin console.
Is there an authentication service available to acess the admin console itslef? So that not everyone can modify the functionalities that are available.
Christian Kaltepoth
unread,
May 8, 2015, 3:38:31 AM5/8/15
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to togglz...@googlegroups.com
Sure, you have to provide a UserProvider. The implementation of this interface is responsible for telling Togglz about the current user. Togglz ships with some default implementations and there are modules providing integration with popular security frameworks like Shiro, Spring Security, etc.
Right now anyone can access this adminconsole and disable or enable the feature. If I only want the admin or a business person to decide which functionality to go to production. How can i do that? Does the Admin console come with a Login Page where the admin can enter his credentials that will allow him to modify the features?
Thanks,
Rajan
Christian Kaltepoth
unread,
May 9, 2015, 5:54:01 AM5/9/15
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to togglz...@googlegroups.com
Please see the second sentence on the page I mentioned. It says:
The two most important reasons for [implementing a UserProvider] are:
Features can be enabled only for specific users using the Username strategy.
Togglz needs to know which users should be allowed to use the Togglz Admin Console.
So if you implement a UserProvider, you can control whether the "current user" can use the Admin Console by returning true|false from FeatureUser.isFeatureAdmin().
Christian
Hema
unread,
Apr 25, 2016, 4:01:17 PM4/25/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to togglz-users
We are trying make Togglz admin console secure. Bit confused on how to implement Userprovider for spring boot app. Code is in SecureConsole Branch and you can clone from here. https://github.com/hkonki/TogglzDemo.git Can you please point out what was wrong there? It seems like some security got enabled as togglz-console gives us 403. But not sure which user to specify and how?
Please help us.
Christian Kaltepoth
unread,
Apr 26, 2016, 3:36:59 AM4/26/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to togglz...@googlegroups.com
I'm not familiar with setting up Spring Security in a Spring Boot environment. But you configured Togglz so that only users with the role "ADMIN" are allowed to access the console. But it looks like there is no login page, so I guess you didn't authenticate yourself correctly, correct? I guess you will have to setup Spring Security completely which also means you need some kind of login page...
vivekanand kolangade
unread,
Mar 6, 2020, 5:35:30 AM3/6/20
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to togglz-users
Hi Christian, I am trying to disable the togglz console but even after adding "togglz.console.enabled: false", the admin console gets opened. Can you please let me know how to disable the admin console?