db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (JIRA)" <j...@apache.org>
Subject [jira] Updated: (DERBY-2811) Specifying -h with default security manager bars clients from connecting from any host
Date Thu, 14 Jun 2007 00:45:32 GMT

     [ https://issues.apache.org/jira/browse/DERBY-2811?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Rick Hillegas updated DERBY-2811:

    Attachment: derby-2811-01.diff

Attaching a patch for this problem: derby-2811-01.diff. Dag, could you take a gander at this?
I will run tests later tonight. Touches the following files:

M      java/drda/org/apache/derby/drda/NetworkServerControl.java

The special Derby wildcard is translated into the * wildcard for poking into the system
properties so that the vm can substitute * into the host variable in the default policy.

M      java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/SecureServerTest.java

Added a test case for host

M      java/testing/org/apache/derbyTesting/junit/NetworkServerTestSetup.java

Modified this decorator so that it can handle this edge case. Added some more defensive logic
in places where exceptions were being silently swallowed. I noticed test hangs when running
the new test case against a server without the changes to NetworkServerControl. After adding
the defensive code, the tests don't hang anymore in that situation and SecureServerTest runs
cleanly with the changes to NetworkServerControl. However, we should think more about how
to handle unexpected ping errors in this decorator.

> Specifying -h with default security manager bars clients from connecting from
any host
> ----------------------------------------------------------------------------------------------
>                 Key: DERBY-2811
>                 URL: https://issues.apache.org/jira/browse/DERBY-2811
>             Project: Derby
>          Issue Type: Bug
>          Components: Network Server
>    Affects Versions:
>            Reporter: Dag H. Wanvik
>            Assignee: Rick Hillegas
>         Attachments: derby-2811-01.diff
> The default policy file installed has this stanza:
>   :
>   permission java.net.SocketPermission "${derby.drda.host}:*", "accept"; 
>   :
> Normally, specifying -h to NetworkServerControl lets clients connect
> from any host, but with the default policy file installed
> connecting fails even from localhost.
> I think this is because SocketPermission only recognizes "*" as a catch-all.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message