Replication and security

Replication and security If you want to perform replication with the security manager enabled, you must modify the security policy file on both the master and slave systems to allow the master-slave network connection. replicating databasessecurity database replicationsecurity

The section to be modified is the one following this line:

grant codeBase "${derby.install.url}derby.jar"

Add the following permission to the policy file on the master system:

permission java.net.SocketPermission "slaveHost:slavePort", "connect,resolve";

Add the following permissions to the policy file on the slave system:

permission java.net.SocketPermission "slaveHost", "accept,resolve"; permission java.net.SocketPermission "localhost:slavePort", "listen";

slaveHost and slavePort are the values you specify for the slaveHost=hostname and slavePort=portValue attributes, which are described in the .

See "Configuring Java security" in the for details on the security policy file.

Depending on the security mode is running under, the measures described in the following table are enforced when you specify the replication-related connection URL attributes.

Replication behavior with <ph conref="../conrefs.dita#prod/productshortname"></ph> securityThis table lists the requirements for specifying replication attributes with each of the security modes. Security Mode Replication Attribute Requirements No security Anyone may specify the replication attributes Authentication is turned on Normal connection policy: specify valid user=userName and password=userPassword attributes Authorization is turned on The user=userName and password=userPassword attributes must be valid, and the user must be the owner of the replicated database