river-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jonathan Costers (JIRA)" <j...@apache.org>
Subject [jira] Assigned: (RIVER-183) clarify meaning of "calls from the local host"
Date Sat, 28 Aug 2010 10:26:54 GMT

     [ https://issues.apache.org/jira/browse/RIVER-183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Jonathan Costers reassigned RIVER-183:

    Assignee: Jonathan Costers

> clarify meaning of "calls from the local host"
> ----------------------------------------------
>                 Key: RIVER-183
>                 URL: https://issues.apache.org/jira/browse/RIVER-183
>             Project: River
>          Issue Type: Bug
>          Components: com_sun_jini_phoenix
>    Affects Versions: jtsk_2.1
>            Reporter: Dan Creswell
>            Assignee: Jonathan Costers
>            Priority: Minor
>         Attachments: RIVER-183.patch
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6305654
> Certain deployment-oriented classes in the com.sun.jini. customer  package:
> 	AccessILFactory
> 	InstantiatorAccessExporter
> 	MonitorAccessExporter
> 	SystemAccessExporter
> 	SystemAccessILFactory
> 	SystemAccessILFactory.SystemDispatcher
> 	SystemAccessProxyTrustILFactory
> describe an access control behavior of only accepting "calls from the local host", but
what that means isn't precisely spelled out.
> With the current implementation, it specifically means that if, in the dispatched call,
there is a ServerContext and it contains an element that is an instance of ClientHost, then
if the InetAddress returned by ClientHost.getClientHost is not a local network interface (according
to NetworkInterface.getByInetAddress), the call will be rejected; in all other cases, the
call will be accepted.
> This means that a call received because of an IiopExporter will always be accepted (because
there will not be a ServerContext at all).  It also means that a call received because of
a BasicJeriExporter with a server endpoint that does not populate the inbound request context
with a ClientHost will always be accepted-- this could be desirable if the transport provider
is local (such as a shared memory transport), but not if the transport provider is non-local
but not IP-based, so there is no meaningful ClientHost InetAddress.
> Whether or not the current implementation of "calls from the local host" is ultimately
desirable, the documentation should be updated to clarify what it means, so that deployers
can make more informed decisions about what kind of access control it provides when combined
with different kinds of exporters or JERI transport providers.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message