|
Do you have any examples of policy files that restrict access to specific IP addresses?
|
A manual modfied policy file maybe contain error. You should use policytool(GUI tool for managing policy files) to produce your policy file.
For unix, you can read http://java.sun.com/j2se/1.4.2/docs/tooldocs/solaris/policytool.html .
For Windoows, you should read http://java.sun.com/j2se/1.4.2/ docs/tooldocs/windows/policytool.html .
|
|
Is it possible to use the policy file to restrict remote access to the server to a specific user or ip?
|
>Is it possible to use the policy file to restrict remote access to the server
> to a specific user or ip?
I don't konw how to use policy file to limit specific user. For ip 192.168.10.5,, you can try:
permission java.net.SocketPermission "192.168.10.5:1024-", "listen, accept, connect, listen, resolve";
BTW, you can use jdbc:dbf:/yourURL?user=auserName;password=apassword on the server side to start a service, then all clients without the correct username or password, will be denied.
|
The ?user/password stuff on the DBFServer works like a charm! Thanks.
The policy file, however, doesn't appear to do much of anything. After removing AllPermission and putting in the SocketPermission with an ip, it doesn't seem to restrict anything.
As long as I can restrict by username and password, I'm happy. I'd rather not open up my data to the world.
Does DBFServer support SSL encryption? (Or any other type of network encryption)
|
The ?user/password stuff on the DBFServer works like a charm! Thanks.
The policy file, however, doesn't appear to do much of anything. After removing AllPermission and putting in the SocketPermission with an ip, it doesn't seem to restrict anything.
As long as I can restrict by username and password, I'm happy. I'd rather not open up my data to the world.
Does DBFServer support SSL encryption? (Or any other type of network encryption)
|
For instance, you open jdbc:dbf:////user/data/adir?user=a service, then all subdirectories of adir can be remote access with correct user, but other directories of data are forbidden.
DBFServer uses DES for handshaking so that it's impossible to sniff and get user/password information through TCIP/IP package. It provides DES, TRIDES, BLOWFISH functions to encrypt sensitive data in sql.
|
This no longer seems to work. (build 126)
It seems that as of build 126, you need to use username= and password=, user= does not work.
|
|
You should use user= still. Fixed. please download the latest package. HXTT DBF has supported ssl connection at http://www.hxtt.com/dbf/advanced.html#sslconnection and customer connection at http://www.hxtt.com/dbf/openapi.html#customerconnection . You can use ssl connection or not.
|
|
Works now. And the SSL stuff is very helpful. Thank you!
|
Main
webmaster@hxtt.com