||unity-dev|| testing Unity's policy file server

Discussion list for Unity developers. unity-dev at moock.org
Sat Apr 12 15:02:45 CDT 2008 

"A class path may include several paths, separated by a semicolon 
(Windows) or colon (Unix)."

http://java.sun.com/docs/books/tutorial/java/package/managingfiles.html


Discussion list for Unity developers. wrote:
> the paths should be separated by a semi-colon, not a colon, as far as I know
> even on unix...
> java -cp
> lib/unity_optional.jar;lib/xerces.jar;lib/xml-apis.jar;lib/unity_core.jar;ib/log4j.jar;lib/jdom.jar
> -Dlog4j.configuration=file:ss.lcf org.moock.unity.core.Unity start
> 
> that would explain the problem as far as I'm concerned!
> 
> On Sat, Apr 12, 2008 at 10:43 AM, Discussion list for Unity developers. <
> unity-dev at moock.org> wrote:
> 
>> and here is the startserver.sh :
>>
>> #!/bin/sh
>> java -cp
>>
>> lib/unity_optional.jar:lib/xerces.jar:lib/xml-apis.jar:lib/unity_core.jar:lib/log4j.jar:lib/jdom.jar
>>  -Dlog4j.configuration=file:ss.lcf org.moock.unity.core.Unity start &
>>
>> is that correct ?
>>
>> Thx
>>
>> Gabriel
>> ----- Original Message -----
>> From: "Discussion list for Unity developers." <unity-dev at moock.org>
>> To: <unity-dev at moock.org>
>> Sent: Saturday, April 12, 2008 4:28 PM
>> Subject: Re: ||unity-dev|| testing Unity's policy file server
>>
>>
>>> ok here's my deal.. I've not seen the crash in a couple u2 instances on
>> my
>>> servers with this patch. However, I cannot use this patch, so I've
>> rolled
>>> it
>>> back.
>>>
>>> This is why:
>>>
>>> I have several servers with more than a few U2 instances on the same IP,
>>> but
>>> listening for the clients on different ports. Now, the easiest thing is
>> to
>>> not specify a port other than 843 for the security check.. why? because
>>> then
>>> I'd have to mess around with port hopping to choose one available for
>> EACH
>>> instance.. and then, the client would have to make an swf code change to
>>> load the policy file from THAT port explicitly.. PITA!
>>>
>>> So.. I have expanded my custom solution of a standalone policy server
>> for
>>> EACH ip on 843, that serves up all the allowed domains and ports-to..
>> it's
>>> the only way I can think of making it work, and easier to manage. Mind
>>> you,
>>> this would mean that people can see what domains use a particular
>> port-set
>>> on my servers... so "technically" a breach of privacy but not really a
>>> security threat.
>>>
>>> Now a note to Gabriel -- are you SURE you placed the new jar in the
>>> correct
>>> location?? the class not found error means to me that you either don't
>>> have
>>> it in the right place, or, you have a path issue -- OR --- you perhaps
>>> have
>>> a filename CASE issue? on unix, unity_optional.jar is NOT the same as
>>> Unity_optional.jar, or unity_Optional.jar, etc... double check those..
>>>
>>> -Jayson
>>>
>>> On Fri, Apr 11, 2008 at 3:02 PM, Discussion list for Unity developers. <
>>> unity-dev at moock.org> wrote:
>>>
>>>> yup, that's all definitely true. (except for the stupid adobe part. as
>>>> much as it's annoying, security is critical for flash player's success.
>>>> just recently, usatoday.com was subject to a redirect attack that
>>>> exploited flash player's old security model. if flash player gets a
>>>> reputation for being insecure, the platform will die quickly.)
>>>>
>>>> jayson, have you tried the patch approach yet? for testing purposes,
>>>> we'd like to get as many installations as possible with the patch
>>>> approach while we work on the real fix.
>>>>
>>>> colin
>>>>
>>>>
>>>> Discussion list for Unity developers. wrote:
>>>>> fwiw, I took an old copy of Unity1 and simply modified the room
>>>> dispatcher
>>>>> to wait for the policy request, and then to send out the policy from
>> a
>>>> file
>>>>> system file. ..this is working for me and a few clients right now
>>>> without
>>>>> issue.. the downside is that it's a second "application" to manage,
>> and
>>>> uses
>>>>> up more resources than should be necessary.. but it works.. no
>> restart
>>>> of
>>>>> the primary service or changes otherwise
>>>>>
>>>>> this could be done by any simple server created with any language
>>>> running
>>>>> along side U2 -- in java, vb or whatever.. it literally just has to
>>>> accept
>>>>> connections on port 843 (or whatever you want), and wait for the
>>>> request,
>>>>> and then send out the policy data and terminate the connection. In my
>>>> case,
>>>>> 843 worked easily enough with no code changes anywhere else
>> whatsoever.
>>>>> stupid adobe.
>>>>>
>>>>>
>>>>>
>>>>> -Jayson
>>>>>
>>>>> On Fri, Apr 11, 2008 at 8:30 AM, Discussion list for Unity
>> developers.
>>>>> <
>>>>> unity-dev at moock.org> wrote:
>>>>>
>>>>>> HI all and thanks for all your replies and sorry for being so
>>>> stressed...
>>>>>> so here is the result of testing with realterm:
>>>>>>
>>>>>> each time i'm clicking on "open" button with mydomain.com:843, unity
>>>>>> log.txt
>>>>>> write the following:
>>>>>>
>>>>>>
>>>>>> Exception in thread "Thread-5" java.lang.NoClassDefFoundError:
>>>>>> org/moock/unity/core/ClientBufferedReader
>>>>>>        at
>>>>>>
>>>>>>
>> org.moock.unity.opt.policyserver.PolicyServer$Client.<init>(PolicyServer.java:122)
>>>>>>        at
>>>>>>
>> org.moock.unity.opt.policyserver.PolicyServer.run(PolicyServer.java:85)
>>>>>>        at java.lang.Thread.run(Unknown Source)
>>>>>>
>>>>>> i have 2.0.2 release running for theses tests...
>>>>>>
>>>>>> Regards
>>>>>>
>>>>>> Gabriel
>>>>>>
>>>>>> ----- Original Message -----
>>>>>> From: "Discussion list for Unity developers." <unity-dev at moock.org>
>>>>>> To: <unity-dev at moock.org>
>>>>>> Sent: Friday, April 11, 2008 8:17 AM
>>>>>> Subject: ||unity-dev|| testing Unity's policy file server
>>>>>>
>>>>>>
>>>>>>> a quick note for those troubleshooting unity's policy file server.
>>>>>>>
>>>>>>> To test whether the Policy File Server is running properly on the
>>>>>>> intended port, use a terminal to telnet to the port, then send the
>>>>>>> string "<policy-file-request/>" followed by a null byte (ASCII 0).
>> On
>>>>>>> Windows, the free software RealTerm (
>> http://realterm.sourceforge.net)
>>>>>>> can be used to connect and send the required message.
>>>>>>>
>>>>>>> Steps for testing with RealTerm:
>>>>>>> 1) on the Display tab, check "Half Duplex"
>>>>>>> 2) on the Port tab, in the port pulldown, enter your domain and
>> port
>>>> in
>>>>>>> the following format:
>>>>>>>
>>>>>>> yourdomain.com:nnn
>>>>>>>
>>>>>>> (where nnn is your port)
>>>>>>> 3) Click "Open"
>>>>>>> 4) on the Send tab, in the first pulldown menu to the left of "Send
>>>>>>> Numbers", enter <policy-file-request/>
>>>>>>> 5) click Send ASCII
>>>>>>> 6) click the "0" button
>>>>>>>
>>>>>>> if the policy file server is working properly, you should see the
>>>>>>> contents of your policy.xml file appear in the terminal window.
>>>>>>>
>>>>>>> colin
>>>>>>>
>>>>>>> --
>>>>>>> you're a unity-dev subscriber. to unsubscribe, visit
>>>>>>> www.moock.org/mailman/listinfo/unity-dev/
>>>>>>>
>>>>>>> superb hosting for this list and moock.org is generously provided
>> by
>>>>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> you're a unity-dev subscriber. to unsubscribe, visit
>>>>>> www.moock.org/mailman/listinfo/unity-dev/
>>>>>>
>>>>>> superb hosting for this list and moock.org is generously provided by
>>>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock
>>>>>>
>>>>> --
>>>>> you're a unity-dev subscriber. to unsubscribe, visit
>>>> www.moock.org/mailman/listinfo/unity-dev/
>>>>> superb hosting for this list and moock.org is generously provided by
>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock
>>>> --
>>>> you're a unity-dev subscriber. to unsubscribe, visit
>>>> www.moock.org/mailman/listinfo/unity-dev/
>>>>
>>>> superb hosting for this list and moock.org is generously provided by
>>>> Rackspace. See: http://www.rackspace.com/?supbid=moock
>>>>
>>> --
>>> you're a unity-dev subscriber. to unsubscribe, visit
>>> www.moock.org/mailman/listinfo/unity-dev/
>>>
>>> superb hosting for this list and moock.org is generously provided by
>>> Rackspace. See: http://www.rackspace.com/?supbid=moock
>>>
>>>
>>
>>
>> --
>> you're a unity-dev subscriber. to unsubscribe, visit
>> www.moock.org/mailman/listinfo/unity-dev/
>>
>> superb hosting for this list and moock.org is generously provided by
>> Rackspace. See: http://www.rackspace.com/?supbid=moock
>>
> --
> you're a unity-dev subscriber. to unsubscribe, visit www.moock.org/mailman/listinfo/unity-dev/
> 
> superb hosting for this list and moock.org is generously provided by Rackspace. See: http://www.rackspace.com/?supbid=moock

More information about the unity-dev mailing list