You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "John H. Embretsen (JIRA)" <ji...@apache.org> on 2008/05/05 12:02:55 UTC

[jira] Resolved: (DERBY-3657) Comment in template security policy incorrectly says that JMX is not enabled by default

     [ https://issues.apache.org/jira/browse/DERBY-3657?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

John H. Embretsen resolved DERBY-3657.
--------------------------------------

       Resolution: Fixed
    Fix Version/s: 10.5.0.0
                   10.4.1.4

Committed a fix for this issue with revisions 
653387 (trunk) and
653396 (10.4 branch).

Also added a commented-out permission to the template policy file, which can be used to allow the actions of the ping operation of the NetworkServerMBean.

> Comment in template security policy incorrectly says that JMX is not enabled by default
> ---------------------------------------------------------------------------------------
>
>                 Key: DERBY-3657
>                 URL: https://issues.apache.org/jira/browse/DERBY-3657
>             Project: Derby
>          Issue Type: Bug
>          Components: Demos/Scripts, JMX, Security
>    Affects Versions: 10.4.1.3
>         Environment: N/A
>            Reporter: John H. Embretsen
>            Assignee: John H. Embretsen
>             Fix For: 10.4.1.4, 10.5.0.0
>
>
> The template policy located at $DERBY_HOME/demo/templates/server.policy (release distributions) and $trunk/java/drda/org/apache/derby/drda/template.policy (source tree) contains a comment relating to JMX permissions which says:
> // JMX management of Derby is NOT enabled by default; see also DERBY-1387.
> This was no longer true after DERBY-3429 was fixed, which includes the 10.4.1.3 release. JMX monitoring and management is enabled by default given that the JVM includes the required APIs, and that the security policy allows JMX features to come up. The comment should have been removed, but this has not happened. The same applies to the default server policy, server.policy, which also should be corrected (this policy's comments are however not exposed to users in the same way as the template).
> Note that no code or actual permissions need to change as a result of this; it is merely an outdated comment that needs to be removed in order not to give users a false impression.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.