db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2883) template security policy file for network server uses undefined property derby.security.host
Date Fri, 29 Jun 2007 15:55:04 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2883?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12509135
] 

Daniel John Debrunner commented on DERBY-2883:
----------------------------------------------

Same issue with 'derby.install.url'.

Both of these properties are marked as 'private to derby' in their javadoc, but yet there
are exposed in the template file.

I wonder if it would be clearer to have a separate consistent name space for the "private"
properties and use different ones for the template file.

e.g.

derby.internal.install.url
derby.internal.drda.host  (describe what the property represents, not how it is used (security))

or could use the existing namespace for runtime properties

derby.__rt.

> template security policy file for network server uses undefined property derby.security.host
> --------------------------------------------------------------------------------------------
>
>                 Key: DERBY-2883
>                 URL: https://issues.apache.org/jira/browse/DERBY-2883
>             Project: Derby
>          Issue Type: Bug
>          Components: Network Server, Security
>    Affects Versions: 10.3.0.0, 10.3.1.0, 10.4.0.0
>            Reporter: Daniel John Debrunner
>
> DERBY-2811 changed the use of 
> permission java.net.SocketPermission "${derby.drda.host}:*", "accept"; 
> to
> permission java.net.SocketPermission "${derby.security.host}:*", "accept"; 
> I think this is correct for the default policy file used by the network server, but incorrect
for the user template file.
> I think rather than exposing this "internal property" derby.security.host, the template
should continue to use ${derby.drda.host}
> and include comments about needing to change it if the server is listening on a wildcard
address. Currently there's no explanation of where derby.security.host comes from.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message