Customizing the Network Server's security policy

The Network Server's Basic security policy is documented in the section . Most likely, you will want to customize your own security policy. For example, you might want to restrict the server's liberal file I/O permissions, which let the server back up to and restore from any location in the local file system. Customizing the security policy is simple:

  • A template policy lives in the Derby distribution at demo/templates/server.policy. Copy the template from this location to your own file, say myCustomized.policy. All of the following edits take place in your custom file.
  • Replace the ${derby.install.url} variable with the location of the Derby jars in your local file system.
  • Replace the ${derby.system.home} variable with the location of your Derby system directory. Alternatively, rather than replacing this variable, you can simply set the value of the derby.system.home system property when you boot the server.
  • Replace the ${derby.security.host} variable with the address of the network interface on which the server is listening. Note that the special wildcard address "0.0.0.0" is not understood by SocketPermission, even though Derby accepts this wildcard as a valid value for the -h option of the Network Server startup command. If you must grant blanket permission to this wildcard address, specify "*" in the policy file.
  • Refine the file permissions needed by backup/restore, import/export, and the loading of application jars.

The following example is a copy of a sample, customized policy file:

grant codeBase "file:/usr/local/share/sw/derby/lib/derby.jar"
{
  //
  // These permissions are needed for everyday, embedded Derby usage.
  //
  permission java.lang.RuntimePermission "createClassLoader";
  permission java.util.PropertyPermission "derby.*", "read";
  permission java.util.PropertyPermission "user.dir", "read";
  permission java.io.FilePermission "/usr/local/shoppingCartApp/databases","read";
  permission java.io.FilePermission "/usr/local/shoppingCartApp/databases/-", "read,write,delete";
  permission java.util.PropertyPermission "derby.storage.jvmInstanceId", "write";

  //
  // This permission lets a DBA reload the policy file while the server
  // is still running. The policy file is reloaded by invoking the
  // SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY() system procedure.
  //
  permission java.security.SecurityPermission "getPolicy";

  //
  // This permission lets you backup and restore databases
  // to and from a selected branch of the local file system:
  //
  permission java.io.FilePermission "/usr/local/shoppingCartApp/backups/-", "read,write,delete";

  //
  // This permission lets you import data from
  // a selected branch of the local file system:
  //
  permission java.io.FilePermission "/usr/local/shoppingCartApp/imports/-", "read";

  //
  // This permission lets you export data to
  // a selected branch of the local file system:
  //
  permission java.io.FilePermission "/usr/local/shoppingCartApp/exports/-", "write";

  //
  // This permission lets you load your databases with jar files of
  // application code
  //
  permission java.io.FilePermission "/usr/local/shoppingCartApp/lib/*", "read";
};

grant codeBase "file:/usr/local/share/sw/derby/lib/derbynet.jar"
{
  //
  // This permission lets the Network Server manage connections from clients.
  //
  permission java.net.SocketPermission "localhost:0-", "accept";
};

After customizing the Basic policy, you may bring up the Network Server as follows:

java -Djava.security.manager -Djava.security.policy=/usr/local/shoppingCartApp/lib/myCustomized.policy org.apache.derby.drda.NetworkServerControl start -h localhost
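
The substitution steps above can be scripted and the result checked before the server is started. The following is an added example, not part of the Derby distribution or its documentation: the function names render_policy, check_policy and sample_template are hypothetical, and the template fragment is constructed for the demo rather than copied from demo/templates/server.policy.

```shell
#!/bin/sh
# Added example. sample_template is a constructed stand-in for
# demo/templates/server.policy, not the template's real text.
sample_template() {
cat <<'EOF'
grant codeBase "${derby.install.url}derby.jar" {
  permission java.io.FilePermission "${derby.system.home}/-", "read,write,delete";
};
grant codeBase "${derby.install.url}derbynet.jar" {
  permission java.net.SocketPermission "${derby.security.host}:0-", "accept";
};
EOF
}

# render_policy INSTALL_URL SYSTEM_HOME HOST: template on stdin, policy on stdout.
# Assumes the values contain no '|', '&' or '\' (special to sed).
render_policy() {
  host=$3
  # SocketPermission does not understand 0.0.0.0; grant "*" instead.
  if [ "$host" = "0.0.0.0" ]; then host='*'; fi
  sed -e 's|\${derby\.install\.url}|'"$1"'|g' \
      -e 's|\${derby\.system\.home}|'"$2"'|g' \
      -e 's|\${derby\.security\.host}|'"$host"'|g'
}

# check_policy FILE: print risky lines to stderr; succeed only if none found.
# ${derby.system.home} may remain (it can be set as a system property at boot).
check_policy() {
  findings=0
  # Drop // comment lines so commented-out grants are not reported.
  body=$(grep -v '^[[:space:]]*//' "$1" || true)
  # Patterns: unsubstituted variables, the 0.0.0.0 wildcard that
  # SocketPermission rejects, and FilePermission on every file.
  for pattern in \
    '\${derby\.install\.url}' \
    '\${derby\.security\.host}' \
    'SocketPermission[[:space:]]*"0\.0\.0\.0' \
    'FilePermission[[:space:]]*"<<ALL FILES>>"'
  do
    if printf '%s\n' "$body" | grep -e "$pattern" >&2; then
      findings=$((findings + 1))
    fi
  done
  [ "$findings" -eq 0 ]
}

# Demo: render for a server started with -h 0.0.0.0, then lint the result.
out=$(mktemp)
sample_template | render_policy "file:/usr/local/share/sw/derby/lib/" \
  /usr/local/shoppingCartApp/databases 0.0.0.0 > "$out"
if check_policy "$out"; then echo "policy passes checks: $out"; fi
```

Run check_policy against myCustomized.policy itself before passing it to -Djava.security.policy; a non-zero exit status means at least one of the flagged lines is still present.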