This week's book giveaway is in the Server-Side JavaScript and NodeJS forum.
We're giving away four copies of Node.js Design Patterns: Design and implement production-grade Node.js applications using proven patterns and techniques and have Mario Casciaro & Luciano Mammino on-line!
See this thread for details.
Win a copy of Node.js Design Patterns: Design and implement production-grade Node.js applications using proven patterns and techniques this week in the Server-Side JavaScript and NodeJS forum!
    Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

Restrict the other IP addresses call to our main server

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Report post to moderator
Hi,

I have EJB deployed in one server and othes are acessing the EJB using our machine name and bootstrap port.

so we cannot identify the client using RMI and planning to add the following in java.policy file to restrict the other invalid clients calls to our EJB Server.

permission java.net.SocketPermission "167.23.122.222:1024-", "accept, connect, listen, resolve";

But even restart the our WebSpher server and its not working. Please help me to resolve.

Thanks
Jothi
 
ranger
Posts: 17346
11
Mac IntelliJ IDE Spring
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Report post to moderator
Moving this to our Websphere forum.

The Java EE Spec does not cover this.

Mark
 
Sheriff
Posts: 26793
82
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Report post to moderator
It isn't specific to Websphere either, it's just a general question about Java security. So I will try an answer and move it to Java Advanced:

As I read the API documentation for the java.net.SocketPermission class, the "167.23.122.222" identifies a host computer. I don't see any place where it mentions it might be the name of a client computer, so I conclude that you can't use SocketPermission to restrict clients from connecting. Although that's kind of weak reasoning.

While googling this I found a document about Java security in Tomcat. In the example it gave, there was this line:Clearly this cannot mean that Tomcat can only accept connections from localhost, that would be nonsensical. So I think my conclusion is correct.

And since it isn't working the way you expected, maybe I'm right.

You might be able to use a firewall to do that, but that's a question about networking and not about Java.
 
Ranch Hand
Posts: 1170
Hibernate Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Report post to moderator
My RMI program and my database both only accept connections from localhost. The only port open on my server is the port assigned to ssh. Its not non-sensical.

However, I suspect its likely this is an indication of the 'interface' java will accept connections on. In case you have multiple network cards installed. I don't recall off hand.
[ March 13, 2007: Message edited by: Mr. C Lamont Gilbert ]
 
Don't get me started about those stupid light bulbs.
    Bookmark Topic Watch Topic
  • New Topic