||unity-dev|| testing Unity's policy file server

Discussion list for Unity developers. unity-dev at moock.org
Sat Apr 12 11:34:52 CDT 2008 

the paths should be separated by a semi-colon, not a colon, as far as I know
even on unix...
java -cp
lib/unity_optional.jar;lib/xerces.jar;lib/xml-apis.jar;lib/unity_core.jar;ib/log4j.jar;lib/jdom.jar
-Dlog4j.configuration=file:ss.lcf org.moock.unity.core.Unity start

that would explain the problem as far as I'm concerned!

On Sat, Apr 12, 2008 at 10:43 AM, Discussion list for Unity developers. <
unity-dev at moock.org> wrote:

> and here is the startserver.sh :
>
> #!/bin/sh
> java -cp
>
> lib/unity_optional.jar:lib/xerces.jar:lib/xml-apis.jar:lib/unity_core.jar:lib/log4j.jar:lib/jdom.jar
>  -Dlog4j.configuration=file:ss.lcf org.moock.unity.core.Unity start &
>
> is that correct ?
>
> Thx
>
> Gabriel
> ----- Original Message -----
> From: "Discussion list for Unity developers." <unity-dev at moock.org>
> To: <unity-dev at moock.org>
> Sent: Saturday, April 12, 2008 4:28 PM
> Subject: Re: ||unity-dev|| testing Unity's policy file server
>
>
> > ok here's my deal.. I've not seen the crash in a couple u2 instances on
> my
> > servers with this patch. However, I cannot use this patch, so I've
> rolled
> > it
> > back.
> >
> > This is why:
> >
> > I have several servers with more than a few U2 instances on the same IP,
> > but
> > listening for the clients on different ports. Now, the easiest thing is
> to
> > not specify a port other than 843 for the security check.. why? because
> > then
> > I'd have to mess around with port hopping to choose one available for
> EACH
> > instance.. and then, the client would have to make an swf code change to
> > load the policy file from THAT port explicitly.. PITA!
> >
> > So.. I have expanded my custom solution of a standalone policy server
> for
> > EACH ip on 843, that serves up all the allowed domains and ports-to..
> it's
> > the only way I can think of making it work, and easier to manage. Mind
> > you,
> > this would mean that people can see what domains use a particular
> port-set
> > on my servers... so "technically" a breach of privacy but not really a
> > security threat.
> >
> > Now a note to Gabriel -- are you SURE you placed the new jar in the
> > correct
> > location?? the class not found error means to me that you either don't
> > have
> > it in the right place, or, you have a path issue -- OR --- you perhaps
> > have
> > a filename CASE issue? on unix, unity_optional.jar is NOT the same as
> > Unity_optional.jar, or unity_Optional.jar, etc... double check those..
> >
> > -Jayson
> >
> > On Fri, Apr 11, 2008 at 3:02 PM, Discussion list for Unity developers. <
> > unity-dev at moock.org> wrote:
> >
> >> yup, that's all definitely true. (except for the stupid adobe part. as
> >> much as it's annoying, security is critical for flash player's success.
> >> just recently, usatoday.com was subject to a redirect attack that
> >> exploited flash player's old security model. if flash player gets a
> >> reputation for being insecure, the platform will die quickly.)
> >>
> >> jayson, have you tried the patch approach yet? for testing purposes,
> >> we'd like to get as many installations as possible with the patch
> >> approach while we work on the real fix.
> >>
> >> colin
> >>
> >>
> >> Discussion list for Unity developers. wrote:
> >> > fwiw, I took an old copy of Unity1 and simply modified the room
> >> dispatcher
> >> > to wait for the policy request, and then to send out the policy from
> a
> >> file
> >> > system file. ..this is working for me and a few clients right now
> >> without
> >> > issue.. the downside is that it's a second "application" to manage,
> and
> >> uses
> >> > up more resources than should be necessary.. but it works.. no
> restart
> >> of
> >> > the primary service or changes otherwise
> >> >
> >> > this could be done by any simple server created with any language
> >> running
> >> > along side U2 -- in java, vb or whatever.. it literally just has to
> >> accept
> >> > connections on port 843 (or whatever you want), and wait for the
> >> request,
> >> > and then send out the policy data and terminate the connection. In my
> >> case,
> >> > 843 worked easily enough with no code changes anywhere else
> whatsoever.
> >> >
> >> > stupid adobe.
> >> >
> >> >
> >> >
> >> > -Jayson
> >> >
> >> > On Fri, Apr 11, 2008 at 8:30 AM, Discussion list for Unity
> developers.
> >> > <
> >> > unity-dev at moock.org> wrote:
> >> >
> >> >> HI all and thanks for all your replies and sorry for being so
> >> stressed...
> >> >>
> >> >> so here is the result of testing with realterm:
> >> >>
> >> >> each time i'm clicking on "open" button with mydomain.com:843, unity
> >> >> log.txt
> >> >> write the following:
> >> >>
> >> >>
> >> >> Exception in thread "Thread-5" java.lang.NoClassDefFoundError:
> >> >> org/moock/unity/core/ClientBufferedReader
> >> >>        at
> >> >>
> >> >>
> >>
> org.moock.unity.opt.policyserver.PolicyServer$Client.<init>(PolicyServer.java:122)
> >> >>        at
> >> >>
> org.moock.unity.opt.policyserver.PolicyServer.run(PolicyServer.java:85)
> >> >>        at java.lang.Thread.run(Unknown Source)
> >> >>
> >> >> i have 2.0.2 release running for theses tests...
> >> >>
> >> >> Regards
> >> >>
> >> >> Gabriel
> >> >>
> >> >> ----- Original Message -----
> >> >> From: "Discussion list for Unity developers." <unity-dev at moock.org>
> >> >> To: <unity-dev at moock.org>
> >> >> Sent: Friday, April 11, 2008 8:17 AM
> >> >> Subject: ||unity-dev|| testing Unity's policy file server
> >> >>
> >> >>
> >> >>> a quick note for those troubleshooting unity's policy file server.
> >> >>>
> >> >>> To test whether the Policy File Server is running properly on the
> >> >>> intended port, use a terminal to telnet to the port, then send the
> >> >>> string "<policy-file-request/>" followed by a null byte (ASCII 0).
> On
> >> >>> Windows, the free software RealTerm (
> http://realterm.sourceforge.net)
> >> >>> can be used to connect and send the required message.
> >> >>>
> >> >>> Steps for testing with RealTerm:
> >> >>> 1) on the Display tab, check "Half Duplex"
> >> >>> 2) on the Port tab, in the port pulldown, enter your domain and
> port
> >> in
> >> >>> the following format:
> >> >>>
> >> >>> yourdomain.com:nnn
> >> >>>
> >> >>> (where nnn is your port)
> >> >>> 3) Click "Open"
> >> >>> 4) on the Send tab, in the first pulldown menu to the left of "Send
> >> >>> Numbers", enter <policy-file-request/>
> >> >>> 5) click Send ASCII
> >> >>> 6) click the "0" button
> >> >>>
> >> >>> if the policy file server is working properly, you should see the
> >> >>> contents of your policy.xml file appear in the terminal window.
> >> >>>
> >> >>> colin
> >> >>>
> >> >>> --
> >> >>> you're a unity-dev subscriber. to unsubscribe, visit
> >> >>> www.moock.org/mailman/listinfo/unity-dev/
> >> >>>
> >> >>> superb hosting for this list and moock.org is generously provided
> by
> >> >>> Rackspace. See: http://www.rackspace.com/?supbid=moock
> >> >>>
> >> >>>
> >> >>
> >> >>
> >> >> --
> >> >> you're a unity-dev subscriber. to unsubscribe, visit
> >> >> www.moock.org/mailman/listinfo/unity-dev/
> >> >>
> >> >> superb hosting for this list and moock.org is generously provided by
> >> >> Rackspace. See: http://www.rackspace.com/?supbid=moock
> >> >>
> >> > --
> >> > you're a unity-dev subscriber. to unsubscribe, visit
> >> www.moock.org/mailman/listinfo/unity-dev/
> >> >
> >> > superb hosting for this list and moock.org is generously provided by
> >> Rackspace. See: http://www.rackspace.com/?supbid=moock
> >> --
> >> you're a unity-dev subscriber. to unsubscribe, visit
> >> www.moock.org/mailman/listinfo/unity-dev/
> >>
> >> superb hosting for this list and moock.org is generously provided by
> >> Rackspace. See: http://www.rackspace.com/?supbid=moock
> >>
> > --
> > you're a unity-dev subscriber. to unsubscribe, visit
> > www.moock.org/mailman/listinfo/unity-dev/
> >
> > superb hosting for this list and moock.org is generously provided by
> > Rackspace. See: http://www.rackspace.com/?supbid=moock
> >
> >
>
>
>
> --
> you're a unity-dev subscriber. to unsubscribe, visit
> www.moock.org/mailman/listinfo/unity-dev/
>
> superb hosting for this list and moock.org is generously provided by
> Rackspace. See: http://www.rackspace.com/?supbid=moock
>

More information about the unity-dev mailing list