You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by ch...@apache.org on 2014/01/10 16:25:22 UTC
svn commit: r1557151 - in /db/derby/docs/branches/10.5/src/adminguide:
cadminreplicsecurity.dita tadminnetservbasic.dita tadminnetservcustom.dita
Author: chaase3
Date: Fri Jan 10 15:25:22 2014
New Revision: 1557151
URL: http://svn.apache.org/r1557151
Log:
DERBY-6448 Document new SocketPermission in Network Server policy file
Merged DERBY-6448.diff to 10.5 doc branch from trunk revision 1557129.
Modified:
db/derby/docs/branches/10.5/src/adminguide/cadminreplicsecurity.dita
db/derby/docs/branches/10.5/src/adminguide/tadminnetservbasic.dita
db/derby/docs/branches/10.5/src/adminguide/tadminnetservcustom.dita
Modified: db/derby/docs/branches/10.5/src/adminguide/cadminreplicsecurity.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/branches/10.5/src/adminguide/cadminreplicsecurity.dita?rev=1557151&r1=1557150&r2=1557151&view=diff
==============================================================================
--- db/derby/docs/branches/10.5/src/adminguide/cadminreplicsecurity.dita (original)
+++ db/derby/docs/branches/10.5/src/adminguide/cadminreplicsecurity.dita Fri Jan 10 15:25:22 2014
@@ -36,9 +36,10 @@ grant codeBase "${derby.install.url}derb
<codeblock>
permission java.net.SocketPermission "<i>slaveHost</i>:<i>slavePort</i>", "connect,resolve";
</codeblock>
-<p>Add the following permission to the policy file on the slave system:</p>
+<p>Add the following permissions to the policy file on the slave system:</p>
<codeblock>
permission java.net.SocketPermission "<i>slaveHost</i>", "accept,resolve";
+ permission java.net.SocketPermission "localhost:<i>slavePort</i>", "listen";
</codeblock>
<p><i>slaveHost</i> and <i>slavePort</i> are the values you specify for the
<i>slaveHost=hostname</i> and <i>slavePort=portValue</i> attributes, which are
Modified: db/derby/docs/branches/10.5/src/adminguide/tadminnetservbasic.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/branches/10.5/src/adminguide/tadminnetservbasic.dita?rev=1557151&r1=1557150&r2=1557151&view=diff
==============================================================================
--- db/derby/docs/branches/10.5/src/adminguide/tadminnetservbasic.dita (original)
+++ db/derby/docs/branches/10.5/src/adminguide/tadminnetservbasic.dita Fri Jan 10 15:25:22 2014
@@ -94,6 +94,15 @@ grant codeBase "${derby.install.url}derb
// subdomain, e.g. "*.acme.com".
permission java.net.SocketPermission "*", "accept";
+
+// Allow the server to listen to the socket on the default port (1527).
+// If you have specified another port number with the -p option to
+// "NetworkServerControl start" on the command line, or with the
+// portNumber parameter to the NetworkServerControl constructor in the
+// API, or with the property derby.drda.portNumber, you should change
+// the port number in the permission statement accordingly.
+//
+ permission java.net.SocketPermission "localhost:1527", "listen";
};
</codeblock> </context>
</taskbody>
Modified: db/derby/docs/branches/10.5/src/adminguide/tadminnetservcustom.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/branches/10.5/src/adminguide/tadminnetservcustom.dita?rev=1557151&r1=1557150&r2=1557151&view=diff
==============================================================================
--- db/derby/docs/branches/10.5/src/adminguide/tadminnetservcustom.dita (original)
+++ db/derby/docs/branches/10.5/src/adminguide/tadminnetservcustom.dita Fri Jan 10 15:25:22 2014
@@ -101,7 +101,7 @@ grant codeBase "file:/usr/local/share/sw
// This permission lets the Network Server manage connections from clients
// originating from the localhost, on any port.
//
- permission java.net.SocketPermission "localhost:0-", "accept";
+ permission java.net.SocketPermission "localhost:0-", "accept,listen";
};
</codeblock> <p> After customizing the Basic policy, you may bring up the
Network Server as follows: </p> <codeblock>