How to Configure the JVM Policy for the Master Server
Steps
-
Edit the lib/security/rox.policy file.
-
Delete the line that allows the application to connect to or accept connections from all hosts.
-
Add the following lines to give the application permission selectively.
permission java.net.SocketPermission "localhost:localport", "accept"; permission java.net.SocketPermission "localhost:dbport", "connect"; permission java.net.SocketPermission "<domain>:httpport", "connect"; permission java.net.SocketPermission "ipAddress1:port1", "connect"; permission java.net.SocketPermission "ipAddress2:port2", "connect"; ...
-
localport is the port that the CLI Client uses to connect to the Master Server. The first line restricts the Master Server to allow CLI Clients to connect only locally or through ssh-proxy.
-
dbport is the port number for the Postgres database server.
-
domain is the domain of the hosts that are to be allowed to connect to the browser interface. httpport is the port number the browser interface.
-
ipAddress1:port1 and ipAddress2:port2 are the IP address and port numbers of the Remote Agents or Local Distributors that are connected directly to the Master Server.
-
- © 2010, Oracle Corporation and/or its affiliates