Hello, Are there any plans to address the access control problem? I think that even when you can use iptables or similar to achieve the same end result, it would be nice to be able to set a bind address in the neo4j configuration.
Also https would be a nice feature :) Br Johan On 2011-06-09 16.14, Chris Gioran wrote: > Hi Max, > > there are two distinct problems here > > One is that there is no IP access control that can be configured > through Neo4j. Setting the > listen URIs to a specific address in the configuration does not bind > the server there exclusively. This > behavior has to be imposed with external means, such as a firewall. > > The other is a benign bug that has to do with logging the listen > address - currently it uses always the > java.net.InetAddress methods to find the hostname, ignoring the > configuration and leading to the > behavior you describe, since the JVM does not prefer the localhost > interface. This will be of course > addressed in subsequent SNAPSHOTs and milestone releases but it will > remain the default behavior. > > Hope that clarifies things. > > cheers, > CG > > On Wed, Jun 8, 2011 at 2:59 PM, Maximilian Schulz <[email protected]> wrote: >> Hi everyone, >> >> after weeks of experimentation, we finally migrated one of our apps features >> to neo4j. But now that we are about to deploy the app to our staging server, >> we discovered a small problem with the server configuration. We have checked >> the manual at >> http://docs.neo4j.org/chunked/1.4.M03/server-configuration.html and followed >> the suggested configuration, but we are not getting the expected results. >> >> What we are trying to achieve is to bind the server to localhost, so it is >> no longer accessible from outside. We restricted access to IPv4 in the >> wrapper config and set the webadmin data and manage uri to >> http://localhost:7474. But when starting the server it still binds to the >> hostname. >> >> Here is the output of the start process. Check the last line, where it >> states that the server is started on http://OUR_DOMAIN:7474/ >> >> 6/8/11 1:44:46 PM org.neo4j.server.database.Database INFO: Using database at >> /tmp/neo4j-community-1.4.M03/data/graph.db >> 6/8/11 1:44:47 PM org.neo4j.server.modules.DiscoveryModule INFO: Mounted >> discovery module at [/] >> 6/8/11 1:44:47 PM org.neo4j.server.modules.RESTApiModule INFO: Mounted REST >> API at [http://localhost:7474/db/data/] >> 6/8/11 1:44:47 PM org.neo4j.server.modules.ManagementApiModule INFO: Mounted >> management API at [http://localhost:7474/db/manage/] >> 6/8/11 1:44:47 PM org.neo4j.server.modules.WebAdminModule INFO: Mounted >> webadmin at [/webadmin] >> 6/8/11 1:44:47 PM org.neo4j.server.NeoServerWithEmbeddedWebServer INFO: >> Starting Neo Server on port [7474] >> 6/8/11 1:44:47 PM org.neo4j.server.web.Jetty6WebServer INFO: Mounting static >> content at [/webadmin] from [webadmin-html] >> 6/8/11 1:44:48 PM org.neo4j.server.NeoServerWithEmbeddedWebServer INFO: >> Server started on [http://OUR_DOMAIN:7474/] >> >> >> I am pretty sure that I have missed something, but I cannot figure out what. >> Any help is greatly appreciated! >> >> Max >> _______________________________________________ >> Neo4j mailing list >> [email protected] >> https://lists.neo4j.org/mailman/listinfo/user >> > _______________________________________________ > Neo4j mailing list > [email protected] > https://lists.neo4j.org/mailman/listinfo/user -- Johan Lundberg NORDUnet NUNOC [email protected] +46(0)8 207860 Tulegatan 11 113 53 Stockholm Sweden _______________________________________________ Neo4j mailing list [email protected] https://lists.neo4j.org/mailman/listinfo/user
