unity

Unity Technote 00004: Configuring Unity to serve a regular socket policy file

This technote describes how to configure Unity Multiuser Server to serve a regular socket policy file in order to address Flash Player security restrictions introduced by Adobe in April 2008. The following procedure configures Unity to serve a policy file over port 9102. To specify a custom policy port, see "Optional: Choosing a custom policy port", below.

1. If you are not already running Unity Multiuser Server version 2.0.3, first update your software.
2. In the Unity server root directory, edit policy.xml.
3. Change example.com to the domain on which Unity Multiuser Server is running. Change 9100,9101 to your desired list of authorized ports. If you wish to allow connections from foreign hosts, list them in separate <allow-access-from> tags.
   

   <cross-domain-policy>
     <allow-access-from domain="*.example.com" to-ports="9100,9101" />
   </cross-domain-policy>
   

Note: No server restart is required after changing the contents of policy.xml.

Optional: Choosing a custom policy port

To serve policy files over a custom port, complete the procedure in the preceding section, then follow these steps:

1. In the Unity server root directory, edit uconfig.xml.
2. Locate the <SERVICE> tag containing the <ID>PolicyFileService</ID> tag. Inside that <SERVICE> tag, change <PORT>9102</PORT> to your desired port. For example, the following code changes the policy port to 2001:

   <SERVICE>
     <ID>PolicyFileService</ID>
     <CLASSNAME>org.moock.unity.opt.policyserver.PolicyServer</CLASSNAME>
     <ATTRIBUTES>
       <PORT>2001</PORT>
       <POLICY_FILE>policy.xml</POLICY_FILE>
     </ATTRIBUTES>
   </SERVICE>

3. If you run Unity on Unix or Linux, and the policy port you chose in Step 2 is below 1024, log in as root.
4. Restart Unity Multiuser Server.

Note: A server restart is always required after changing the contents of uconfig.xml.

Revision history

April 5, 2008: Posted