[ https://issues.apache.org/jira/browse/DERBY-2963?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12514645 ]
Dag H. Wanvik edited comment on DERBY-2963 at 7/23/07 7:59 AM: --------------------------------------------------------------- I also see the issue regardless of whether derbyrun.jar is used or not (IPv4, on Solaris). It seems the default policy file installed intentionally does *not* open access to remote clients. I am not sure, but I seem to remember this being discussed (DERBY-2196) and found to be acceptable? However, the release notes do not indicate this, which would seem to indicate it is not the intended behavior, in which case it is a bug, not a "feature". Changing this line in server.policy: permission java.net.SocketPermission "${derby.security.host}", "accept"; to: permission java.net.SocketPermission "*", "accept"; lets me connect from any host to the interface name given in -h option. was: I also see the issue regardless of whether derbyrun.jar is used or not. It seems the default policy file installed intentionally does *not* open access to remote clients. I am not sure, but I seem to remember this being discussed (DERBY-2196) and found to be acceptable? However, the release notes do not indicate this, which would seem to indicate it is not the intended behavior, in which case it is a bug, not a "feature". Changing this line in server.policy: permission java.net.SocketPermission "${derby.security.host}", "accept"; to: permission java.net.SocketPermission "*", "accept"; lets me connect from any host to the interface name given in -h option. > AccessControlException: Access denied java.net.SocketPermission <client ip> > accept,resolve > ------------------------------------------------------------------------------------------ > > Key: DERBY-2963 > URL: https://issues.apache.org/jira/browse/DERBY-2963 > Project: Derby > Issue Type: Bug > Components: Network Server > Affects Versions: 10.3.1.2 > Environment: SuseLinux 10 > IBM JVM 1.5 > Reporter: Daniel John Debrunner > Priority: Blocker > > I start the server using an ipv4 address > java derbyrun.jar server start -h x.x.x.x > Then I connect from a remote client and hit an AccessControlException > The ip in the exception is that of the *client*, not the server. > This setup works in 10.2.2.0. > Same problem if the hostname is in derby.properties > Problem can be worked around by using -noSecurityManager when starting the > server -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.