Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 7600 invoked from network); 3 Jul 2007 20:59:27 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 3 Jul 2007 20:59:27 -0000 Received: (qmail 23886 invoked by uid 500); 3 Jul 2007 20:59:29 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 23691 invoked by uid 500); 3 Jul 2007 20:59:28 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 23682 invoked by uid 99); 3 Jul 2007 20:59:28 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 Jul 2007 13:59:28 -0700 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 Jul 2007 13:59:25 -0700 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id E31B17141F1 for ; Tue, 3 Jul 2007 13:59:04 -0700 (PDT) Message-ID: <22067187.1183496344921.JavaMail.jira@brutus> Date: Tue, 3 Jul 2007 13:59:04 -0700 (PDT) From: "Rick Hillegas (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Commented: (DERBY-2874) NetworkServer not accepting connections with default security manager on Ipv6 machines In-Reply-To: <17219752.1182881845919.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/DERBY-2874?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12509997 ] Rick Hillegas commented on DERBY-2874: -------------------------------------- Committed derby-2874-bracketsAllPorts.diff at subversion revision 552977. > NetworkServer not accepting connections with default security manager on Ipv6 machines > -------------------------------------------------------------------------------------- > > Key: DERBY-2874 > URL: https://issues.apache.org/jira/browse/DERBY-2874 > Project: Derby > Issue Type: Bug > Components: Security > Affects Versions: 10.3.0.0 > Environment: Ipv6 machine with ibm jvm 15 > Reporter: Manjula Kutty > Assignee: Rick Hillegas > Fix For: 10.3.1.1 > > Attachments: derby-2874-01.diff, derby-2874-03.diff, derby-2874-04-bracketsAllPorts.diff, derby-2874-wildcard-01.diff, derby-2874-wildcard-02.diff, server.policy > > > While running tests on Ipv6 machines using the 10.3 jars with the default security manager, I had the following findings/questions > I started the server like this java org.apache.derby.drda.NetworkServerControl start -h 2002:92a:8f7a:13:9:42:74:19 > and the server started with the following command > Security manager installed using the Basic server security policy. > Apache Derby Network Server - 10.3.1.0 beta - (548006) started and ready to accept connections on port 1527 at 2007-06-25 23:44: 36.835 GMT > > So I think the server is using the default security manager. Then when I tried to get conenction though ij > > got the following error message > Access denied (java.net.SocketPermission [2002:92a:8f7a:13:9:42:73:218]:34016 accept,resolve) > java.security.AccessControlException: Access denied (java.net.SocketPermission [2002:92a:8f7a:13:9:42:73:218]:34016 accept,resolve) > at java.security.AccessController.checkPermission(AccessController.java:104) > at java.lang.SecurityManager.checkPermission(SecurityManager.java:547) > at java.lang.SecurityManager.checkAccept (SecurityManager.java:1172) > at java.net.ServerSocket.implAccept(ServerSocket.java:466) > at java.net.ServerSocket.accept(ServerSocket.java:433) > at org.apache.derby.impl.drda.ClientThread$1.run (Unknown Source) > at java.security.AccessController.doPrivileged(AccessController.java:242) > at org.apache.derby.impl.drda.ClientThread.run(Unknown Source) > > I had the derby.properties file like this > > derby.database.sqlAuthorization=true > derby.connection.requireAuthentication=true > derby.infolog.append=true > derby.authentication.provider=BUILTIN > derby.stream.error.logSeverityLevel=0 > #derby.language.logStatementText=true > # User's Definitions > derby.user.user2=pass2 -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.