db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bpendle...@apache.org
Subject svn commit: r535910 - in /db/derby/code/trunk: java/drda/org/apache/derby/drda/NetServlet.java tools/j2ee/derby/WEB-INF/web.xml
Date Mon, 07 May 2007 15:41:43 GMT
Author: bpendleton
Date: Mon May  7 08:41:42 2007
New Revision: 535910

URL: http://svn.apache.org/viewvc?view=rev&rev=535910
DERBY-1054: NetServlet does not allow binding to non localhost interface

This change modifies the NetServlet.java class to allow for a "host"
parameter to be passed in via the web.xml file. That way we can control
the listening interface. The sample web.xml is enhanced with additional
information about how to set the host parameter.

Note that there are security implications to setting a non-localhost
value for the host. Such a server should be properly configured so that
access to it is authenticated and secured. A separate docs patch enhances
the NetServlet documentation to note these considerations.


Modified: db/derby/code/trunk/java/drda/org/apache/derby/drda/NetServlet.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/drda/org/apache/derby/drda/NetServlet.java?view=diff&rev=535910&r1=535909&r2=535910
--- db/derby/code/trunk/java/drda/org/apache/derby/drda/NetServlet.java (original)
+++ db/derby/code/trunk/java/drda/org/apache/derby/drda/NetServlet.java Mon May  7 08:41:42
@@ -76,6 +76,7 @@
 		Configuration parameters:
 		<LI><PRE>portNumber</PRE> - Port number
+		<LI><PRE>host</PRE> - Host name
 		<LI><PRE>traceDirectory</PRE> - location of trace directory
 		<LI><PRE>startNetworkServerOnInit</PRE> - start the server on initialization
@@ -92,6 +93,9 @@
 			if (p > 0)
 				portNumber = p;
+		String hostName = config.getInitParameter("host");
+		if (hostName != null)
+			host = hostName;
 		this.tracingDirectory = config.getInitParameter("tracingDirectory");

Modified: db/derby/code/trunk/tools/j2ee/derby/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/tools/j2ee/derby/WEB-INF/web.xml?view=diff&rev=535910&r1=535909&r2=535910
--- db/derby/code/trunk/tools/j2ee/derby/WEB-INF/web.xml (original)
+++ db/derby/code/trunk/tools/j2ee/derby/WEB-INF/web.xml Mon May  7 08:41:42 2007
@@ -38,10 +38,25 @@
 	  <param-value> 1527 </param-value>
 	  <description> Port number to use. The default is 1527. </description>
+        <!--
+        The "host" parameter allows configuration of the host name that will
+        be used for the listening socket for network connections. By default,
+        the Network Server will listen to requests only on the loopback
+        address, which means that it will only accept connections from the
+        local host. Changing this value could expose the server to
+        external connections, which raises security concerns, so before using
+        the "host" parameter, you should run under the Java security
+        manager and enable user authentication.
+        -->
+	<init-param>
+	  <param-name>  host </param-name>
+	  <param-value> localhost </param-value>
+	  <description> Host Name to use. The default is "localhost". Please secure any server
which listens on a public address. </description>
+	</init-param>
 	  <param-name>  tracingDirectory </param-name>
-	  <description> Port number to use. The default is 1527. </description>
+	  <description> Directory where trace files should be placed. </description>

View raw message