db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Manjula Kutty (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2811) Specifying -h with default security manager bars clients from connecting from any host
Date Fri, 15 Jun 2007 17:31:26 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12505318

Manjula Kutty commented on DERBY-2811:

I did some basic Ipv6 testing before. and I could start the server on the Ipv6 machine using
the syntax below

java -Djava.net.preferIPv4Stack=false -Djava.net.preferIPv6Addresses=true org.apache.derby.drda.NetworkServerControl
-h 2002:92a:8f7a:13:9:42:73:115 -p 1527

and I got the connection through ij and using datasource. through ij i was connecting like

connect 'jdbc:derby://cranium-v6.rtp.raleigh.ibm.com:1527/ipv6db;create=true'; which works
fine, but 

connect 'jdbc:derby://2002:92a:8f7a:13:9:42:73:115:1527/ipv6db;create=true';

says syntax error for the hostname.

ds.setServerName("2002:92a:8f7a:13:9:42:73:115"); works fine for the datasource.

also I could do NetworkServerControl ping using both host name and ip address.

The only thing I didn't try is using the security manager, which I will be doing for this

> Specifying -h with default security manager bars clients from connecting from
any host
> ----------------------------------------------------------------------------------------------
>                 Key: DERBY-2811
>                 URL: https://issues.apache.org/jira/browse/DERBY-2811
>             Project: Derby
>          Issue Type: Bug
>          Components: Network Server, Security
>    Affects Versions:
>            Reporter: Dag H. Wanvik
>            Assignee: Rick Hillegas
>         Attachments: derby-2811-01.diff, derby-2811-02.diff, derby-2811-03.diff, derby-2811-04.diff
> The default policy file installed has this stanza:
>   :
>   permission java.net.SocketPermission "${derby.drda.host}:*", "accept"; 
>   :
> Normally, specifying -h to NetworkServerControl lets clients connect
> from any host, but with the default policy file installed
> connecting fails even from localhost.
> I think this is because SocketPermission only recognizes "*" as a catch-all.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message