Discussion list for Unity developers.
unity-dev at moock.org
Thu Apr 10 23:44:22 CDT 2008
you don't need to include the policy port in the allowed to-ports in the policy file. (the player has to connect to the policy port before it ever gets a chance to inspect the policy file.) colin Discussion list for Unity developers. wrote: > don't forget to include your policy port# in there too; also, ensure that > this is the contents of the policy.xml file and not just the web accessible > crossdomain.xml > > On Thu, Apr 10, 2008 at 8:55 PM, Discussion list for Unity developers. < > unity-dev at moock.org> wrote: > >> in the flash player debug version i know have this when trying to connect >> (at the same time the error in unity logs fires) >> >> Ignoring policy file at (URL) due to incorrect syntax. >> >> so it seems clear, but i think my synthax is correct: >> <cross-domain-policy> >> <site-control permitted-cross-domain-policies="master-only" /> >> <allow-access-from domain="*.mydomain.com" to-ports="9100,9101" /> >> </cross-domain-policy> >> >> Can you confirm ? >> >> thx >> >> Gabriel >> >> ----- Original Message ----- >> From: "Discussion list for Unity developers." <unity-dev at moock.org> >> To: <unity-dev at moock.org> >> Sent: Friday, April 11, 2008 2:42 AM >> Subject: Re: ||unity-dev|| >> TemporaryPatchforFlashPlayer9.0.124.0SecurityRestrictions >> >> >>> and a last thing, just to be sure: does the crossdomain.xml file have to >>> be >>> changed...are there news rules concerning this file too, or can i keep >> my >>> old style crossdomain file ? >>> >>> thanks for your help and patience, all my apps are down and my customers >>> begin to get mad... >>> >>> Gabriel >>> >>> ----- Original Message ----- >>> From: "Discussion list for Unity developers." <unity-dev at moock.org> >>> To: <unity-dev at moock.org> >>> Sent: Friday, April 11, 2008 2:26 AM >>> Subject: Re: ||unity-dev|| Temporary >>> PatchforFlashPlayer9.0.124.0SecurityRestrictions >>> >>> >>>> ok, so here are the logs when starting unity, where policy seems to be >>>> ok: >>>> 2008-04-11 02:21:34,830 INFO - Creating namespace level udefault for >>>> full >>>> name udefault >>>> 2008-04-11 02:21:34,838 WARN - Room type null initialized and started >>>> under >>>> id: unity >>>> 2008-04-11 02:21:34,838 WARN - Spawned Server Room 'unity'. >>>> 2008-04-11 02:21:34,838 WARN - RoomManager started. >>>> 2008-04-11 02:21:34,838 WARN - No custom MessageRouter set. Loaded >>>> UPCMessageRouter. >>>> 2008-04-11 02:21:34,840 WARN - Directory /root/unity/services added to >>>> the >>>> classpath for loading Services. >>>> 2008-04-11 02:21:34,840 WARN - ServicesManager started. >>>> 2008-04-11 02:21:34,841 WARN - Policy File Server started on port >> [843] >>>> 2008-04-11 02:21:34,841 WARN - Service PolicyFileService loaded. >>>> 2008-04-11 02:21:34,842 WARN - Unity Started...OK >>>> >>>> and then when i try to connect the uadmin: >>>> >>>> 2008-04-11 02:24:21,869 ERROR - Exception in Admin. >>>> java.lang.NullPointerException >>>> >>>> >>>> i add hundreds of these messages / second !!! >>>> i add to stop unity to avoid server crash... >>>> >>>> gabriel >>>> >>>> ----- Original Message ----- >>>> From: "Discussion list for Unity developers." <unity-dev at moock.org> >>>> To: <unity-dev at moock.org> >>>> Sent: Friday, April 11, 2008 2:06 AM >>>> Subject: Re: ||unity-dev|| Temporary Patch >>>> forFlashPlayer9.0.124.0SecurityRestrictions >>>> >>>> >>>>> ok, so excuse my silly question: >>>>> >>>>> i guess it s in startserver.sh that i have to put this, but what would >>>>> be >>>>> the correct synthax ? >>>>> >>>>> thx! >>>>> >>>>> Gabriel >>>>> >>>>> ----- Original Message ----- >>>>> From: "Discussion list for Unity developers." <unity-dev at moock.org> >>>>> To: <unity-dev at moock.org> >>>>> Sent: Friday, April 11, 2008 1:53 AM >>>>> Subject: Re: ||unity-dev|| Temporary Patch forFlash >>>>> Player9.0.124.0SecurityRestrictions >>>>> >>>>> >>>>>> as I recall from memory atm, it looks like you are not specifying the >>>>>> unity_optional.jar in the classpath that starts unity... take a look >> at >>>>>> that >>>>>> >>>>>> -Jayson >>>>>> >>>>>> On Thu, Apr 10, 2008 at 6:01 PM, Discussion list for Unity >> developers. >>>>>> < >>>>>> unity-dev at moock.org> wrote: >>>>>> >>>>>>> and here is a snippet of unity log.txt >>>>>>> >>>>>>> 2008-04-10 18:53:34,691 WARN - Error loading Service >>>>>>> PolicyFileService >>>>>>> java.lang.ClassNotFoundException: >>>>>>> org.moock.unity.opt.policyserver.PolicyServer >>>>>>> at java.net.URLClassLoader$1.run(Unknown Source) >>>>>>> at java.security.AccessController.doPrivileged(Native Method) >>>>>>> at java.net.URLClassLoader.findClass(Unknown Source) >>>>>>> at java.lang.ClassLoader.loadClass(Unknown Source) >>>>>>> at java.lang.ClassLoader.loadClass(Unknown Source) >>>>>>> at org.moock.unity.core.n.a(Unknown Source) >>>>>>> at org.moock.unity.core.u.a(Unknown Source) >>>>>>> at org.moock.unity.core.d.byte(Unknown Source) >>>>>>> at org.moock.unity.core.d.<init>(Unknown Source) >>>>>>> at org.moock.unity.core.Unity.<init>(Unknown Source) >>>>>>> >>>>>>> hope that'll helps >>>>>>> >>>>>>> Gabriel >>>>>>> >>>>>>> ----- Original Message ----- >>>>>>> From: "Discussion list for Unity developers." <unity-dev at moock.org> >>>>>>> To: <unity-dev at moock.org> >>>>>>> Sent: Thursday, April 10, 2008 8:08 PM >>>>>>> Subject: Re: ||unity-dev|| Temporary Patch forFlash Player9.0.124.0 >>>>>>> SecurityRestrictions >>>>>>> >>>>>>> >>>>>>>> which log says that? (please post log excerpts and indicate which >>>>>>>> log >>>>>>>> you're quoting in all trouble-shooting reports. thanks!) >>>>>>>> >>>>>>>> if you're referring to the uClientCore log, you can ignore the >>>>>>>> message >>>>>>>> about no port being set. you're running a master policy file >> server, >>>>>>>> so >>>>>>>> no port is required. >>>>>>>> >>>>>>>> remember, you must have root access to start a master policy file >>>>>>> server. >>>>>>>> please check the logs i mentioned earlier in this thread. >>>>>>>> >>>>>>>> the config files look fine. >>>>>>>> >>>>>>>> colin >>>>>>>> >>>>>>>> Discussion list for Unity developers. wrote: >>>>>>>>> well, in my logs it says "no policy port set"...but i did set >> these >>>>>>>>> following the infos you provided...were my config files ok? >>>>>>>>> >>>>>>>>> thx >>>>>>>>> >>>>>>>>> Gabriel >>>>>>>>> >>>>>>>>> ----- Original Message ----- >>>>>>>>> From: "Discussion list for Unity developers." < >> unity-dev at moock.org> >>>>>>>>> To: <unity-dev at moock.org> >>>>>>>>> Sent: Thursday, April 10, 2008 7:39 PM >>>>>>>>> Subject: Re: ||unity-dev|| Temporary Patch for Flash >>>>>>>>> Player9.0.124.0 >>>>>>>>> SecurityRestrictions >>>>>>>>> >>>>>>>>> >>>>>>>>>> hi gabriel, >>>>>>>>>> unless your clients *only* connect via: >>>>>>>>>> mydomain.ovh.net >>>>>>>>>> >>>>>>>>>> you'll need to use a wildcard, as in: >>>>>>>>>> *.mydomain.ovh.net >>>>>>>>>> >>>>>>>>>> to diagnose your client connection failures, please check your >>>>>>>>>> flash >>>>>>>>>> player policy file log, as described here: >>>>>>>>>> >>>>>>>>>> >> http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_05.html >>>>>>>>>> please also check unity's log.txt to verify that your policy >> file >>>>>>> server >>>>>>>>>> is starting properly. >>>>>>>>>> >>>>>>>>>> colin >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Discussion list for Unity developers. wrote: >>>>>>>>>>> hi >>>>>>>>>>> >>>>>>>>>>> i've updated the file and here are: >>>>>>>>>>> >>>>>>>>>>> policy.xml >>>>>>>>>>> <cross-domain-policy> >>>>>>>>>>> <site-control permitted-cross-domain-policies="all"/> >>>>>>>>>>> <allow-access-from domain="mydomain.ovh.net" >>>>>>>>>>> to-ports="9100,9101" >>>>>>> /> >>>>>>>>>>> </cross-domain-policy> >>>>>>>>>>> >>>>>>>>>>> uconfig.xml >>>>>>>>>>> <UNITY> >>>>>>>>>>> <SERVER> >>>>>>>>>>> <SERVER_PORT>9100</SERVER_PORT> >>>>>>>>>>> <ADMIN_PORT>9101</ADMIN_PORT> >>>>>>>>>>> <ADMIN_PASSWORD>password</ADMIN_PASSWORD> >>>>>>>>>>> <CLIENT_TIMEOUT>100</CLIENT_TIMEOUT> >>>>>>>>>>> <MAX_CLIENTS>400</MAX_CLIENTS> >>>>>>>>>>> <SERVICE> >>>>>>>>>>> <ID>PolicyFileService</ID> >>>>>>>>>>> >> <CLASSNAME>org.moock.unity.opt.policyserver.PolicyServer</CLASSNAME> >>>>>>>>>>> <ATTRIBUTES> >>>>>>>>>>> <PORT>843</PORT> >>>>>>>>>>> <POLICY_FILE>policy.xml</POLICY_FILE> >>>>>>>>>>> </ATTRIBUTES> >>>>>>>>>>> </SERVICE> >>>>>>>>>>> </SERVER> >>>>>>>>>>> <TYPES> >>>>>>>>>>> </TYPES> >>>>>>>>>>> <INSTANCES> >>>>>>>>>>> </INSTANCES> >>>>>>>>>>> <UPCROOM_GLOBALS> >>>>>>>>>>> <CREATE_UNITY_ROOM>true</CREATE_UNITY_ROOM> >>>>>>>>>>> <CLIENT_PERMISSIONS>all</CLIENT_PERMISSIONS> >>>>>>>>>>> </UPCROOM_GLOBALS> >>>>>>>>>>> </UNITY> >>>>>>>>>>> >>>>>>>>>>> and my apps are still not connecting after restarting >> unity...did >>>>>>>>>>> i >>>>>>>>>>> made >>>>>>>>>>> something wrong ? >>>>>>>>>>> >>>>>>>>>>> thx for your help >>>>>>>>>>> >>>>>>>>>>> Gabriel >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> ----- Original Message ----- >>>>>>>>>>> From: "Discussion list for Unity developers." >>>>>>>>>>> <unity-dev at moock.org> >>>>>>>>>>> To: <unity-dev at moock.org> >>>>>>>>>>> Sent: Thursday, April 10, 2008 6:27 PM >>>>>>>>>>> Subject: ||unity-dev|| Temporary Patch for Flash Player >> 9.0.124.0 >>>>>>>>>>> SecurityRestrictions >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>> a temporary patch is now available to address the new security >>>>>>>>>>>> restrictions on socket connections made by Flash Player. >>>>>>>>>>>> >>>>>>>>>>>> you can download the patch here: >>>>>>>>>>>> >>>>>>>>>>>> http://www.moock.org/unity/patches/unity_optional.jar >>>>>>>>>>>> >>>>>>>>>>>> instruction for applying the patch: >>>>>>>>>>>> >>>>>>>>>>>> 1) Stop Unity Multiuser Server. >>>>>>>>>>>> 2) Copy unity_optional.jar into your existing installation >>>>>>> directory's >>>>>>>>>>>> /lib/ folder, replacing the existing file of the same name. >>>>>>>>>>>> 3) In your existing installation directory, edit uconfig.xml. >>>>>>>>>>>> 4) Nested *inside* the existing <SERVER> tag, insert the >>>>>>>>>>>> following >>>>>>> XML >>>>>>>>>>>> code. Change 9102 to the port on which you wish to serve >> policy >>>>>>> files >>>>>>>>>>>> (for help deciding on a port, see >>>>>>>>>>>> http://moock.org/unity/technotes/00001.html). >>>>>>>>>>>> >>>>>>>>>>>> <SERVICE> >>>>>>>>>>>> <ID>PolicyFileService</ID> >>>>>>>>>>>> >>>>>>> <CLASSNAME>org.moock.unity.opt.policyserver.PolicyServer</CLASSNAME> >>>>>>>>>>>> <ATTRIBUTES> >>>>>>>>>>>> <PORT>9102</PORT> >>>>>>>>>>>> <POLICY_FILE>policy.xml</POLICY_FILE> >>>>>>>>>>>> </ATTRIBUTES> >>>>>>>>>>>> </SERVICE> >>>>>>>>>>>> >>>>>>>>>>>> 5) Configure Unity to serve a socket master policy file (see >>>>>>>>>>>> instructions at http://moock.org/unity/technotes/00003.html) >> or >>>>>>>>>>>> a >>>>>>>>>>>> regular socket policy file (see instructions at >>>>>>>>>>>> http://moock.org/unity/technotes/00004.html). >>>>>>>>>>>> 6) Start Unity Multiuser Server. >>>>>>>>>>>> >>>>>>>>>>>> Please report problems or questions to the list. >>>>>>>>>>>> >>>>>>>>>>>> thanks! >>>>>>>>>>>> colin >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> you're a unity-dev subscriber. to unsubscribe, visit >>>>>>>>>>>> www.moock.org/mailman/listinfo/unity-dev/ >>>>>>>>>>>> >>>>>>>>>>>> superb hosting for this list and moock.org is generously >>>>>>>>>>>> provided >>>>>>>>>>>> by >>>>>>>>>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> you're a unity-dev subscriber. to unsubscribe, visit >>>>>>>>>>> www.moock.org/mailman/listinfo/unity-dev/ >>>>>>>>>>> >>>>>>>>>>> superb hosting for this list and moock.org is generously >> provided >>>>>>>>>>> by >>>>>>>>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock >>>>>>>>>> -- >>>>>>>>>> you're a unity-dev subscriber. to unsubscribe, visit >>>>>>>>>> www.moock.org/mailman/listinfo/unity-dev/ >>>>>>>>>> >>>>>>>>>> superb hosting for this list and moock.org is generously >> provided >>>>>>>>>> by >>>>>>>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> you're a unity-dev subscriber. to unsubscribe, visit >>>>>>>>> www.moock.org/mailman/listinfo/unity-dev/ >>>>>>>>> >>>>>>>>> superb hosting for this list and moock.org is generously provided >>>>>>>>> by >>>>>>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock >>>>>>>> -- >>>>>>>> you're a unity-dev subscriber. to unsubscribe, visit >>>>>>>> www.moock.org/mailman/listinfo/unity-dev/ >>>>>>>> >>>>>>>> superb hosting for this list and moock.org is generously provided >> by >>>>>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> you're a unity-dev subscriber. to unsubscribe, visit >>>>>>> www.moock.org/mailman/listinfo/unity-dev/ >>>>>>> >>>>>>> superb hosting for this list and moock.org is generously provided by >>>>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock >>>>>>> >>>>>> -- >>>>>> you're a unity-dev subscriber. to unsubscribe, visit >>>>>> www.moock.org/mailman/listinfo/unity-dev/ >>>>>> >>>>>> superb hosting for this list and moock.org is generously provided by >>>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> you're a unity-dev subscriber. to unsubscribe, visit >>>>> www.moock.org/mailman/listinfo/unity-dev/ >>>>> >>>>> superb hosting for this list and moock.org is generously provided by >>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock >>>>> >>>>> >>>> >>>> >>>> -- >>>> you're a unity-dev subscriber. to unsubscribe, visit >>>> www.moock.org/mailman/listinfo/unity-dev/ >>>> >>>> superb hosting for this list and moock.org is generously provided by >>>> Rackspace. See: http://www.rackspace.com/?supbid=moock >>>> >>>> >>> >>> >>> -- >>> you're a unity-dev subscriber. to unsubscribe, visit >>> www.moock.org/mailman/listinfo/unity-dev/ >>> >>> superb hosting for this list and moock.org is generously provided by >>> Rackspace. See: http://www.rackspace.com/?supbid=moock >>> >>> >> >> >> -- >> you're a unity-dev subscriber. to unsubscribe, visit >> www.moock.org/mailman/listinfo/unity-dev/ >> >> superb hosting for this list and moock.org is generously provided by >> Rackspace. See: http://www.rackspace.com/?supbid=moock >> > -- > you're a unity-dev subscriber. to unsubscribe, visit www.moock.org/mailman/listinfo/unity-dev/ > > superb hosting for this list and moock.org is generously provided by Rackspace. See: http://www.rackspace.com/?supbid=moock