ION Java User's Guide: Configuring ION Java
The ION Server implements a security system based on IDL command filtering. The security system has two internal command lists: one list consists of commands that are not allowed to be run on the IDL server process; the other list specifies commands that are allowed. (If an IDL command is included in both lists, it will not be allowed to run.)
When an ION client sends an IDL command to the ION Server for execution, the command line is scanned for function and procedure names. These names are first checked against the command inclusion list (commands that can be run on the server), and if the command is not in the list it is rejected. If the command inclusion check passes, the routine is then checked against the command exclusion list (routines that should not be run on the server). If the command is in the command exclusion list, it is rejected. If the command passes the exclusion list check, it is sent to the ION Server process for execution.
Note: ION's command security configurations are designed to prevent IDL commands from being used in an unauthorized or hostile manner during connections to your ION Server. Remember that you must also properly configure your Web server to prevent unauthorized access to your site via other mechanisms.
Using a text file, you can specify IDL commands to be included or excluded from the ION Server. Inclusion and exclusion text files consist of a single command on each line. Lines that are blank or start with the "#" character are ignored. For example, you could create an ION exclude file containing the following lines:
    # Commands to prevent execution of
    CALL_FUNCTION
    XBM_EDIT
To use an include or exclude file, see the following directions for your platform:
-infile and -exfile command-line switches. See Starting the ION Daemon on UNIX.
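The two-stage check and the list-file format described above can be modelled in a few lines. This is an added sketch, not ION's own code: the function names and the sample include file are hypothetical, the routine names are assumed to have already been extracted from the command line, and comparing upper-cased names is an assumption based on IDL routine names being case-insensitive.

```python
def parse_list(text):
    """Parse an include/exclude file: one command per line,
    blank lines and lines starting with '#' are ignored."""
    names = set()
    for raw in text.splitlines():
        line = raw.strip()          # assumption: surrounding whitespace is trimmed
        if not line or line.startswith("#"):
            continue
        names.add(line.upper())     # assumption: names compared case-insensitively
    return names

def check_routine(name, include, exclude):
    """Apply the checks in the documented order: inclusion list, then exclusion list."""
    name = name.upper()
    if name not in include:
        return (False, "not in inclusion list")
    if name in exclude:
        return (False, "in exclusion list")
    return (True, "allowed")

def check_command(routines, include, exclude):
    """A command is sent to the server only if every routine it names passes."""
    rejected = []
    for routine in routines:
        ok, reason = check_routine(routine, include, exclude)
        if not ok:
            rejected.append((routine.upper(), reason))
    return (not rejected, rejected)

def shadowed_entries(include, exclude):
    """Audit helper: included names that can never run because they are also excluded."""
    return sorted(include & exclude)

# Constructed sample files; the exclude file is the one shown in this guide.
INCLUDE_FILE = """\
# Routines clients may call (constructed sample)
PLOT
SURFACE

CALL_FUNCTION
"""
EXCLUDE_FILE = """\
# Commands to prevent execution of
CALL_FUNCTION
XBM_EDIT
"""

if __name__ == "__main__":
    inc, exc = parse_list(INCLUDE_FILE), parse_list(EXCLUDE_FILE)
    print(check_command(["plot", "CALL_FUNCTION"], inc, exc))
    print("included but excluded:", shadowed_entries(inc, exc))
```

Running `shadowed_entries` over a pair of list files before deployment shows which include entries the exclusion list overrides.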
When the ION Daemon detects an incoming server connection, the daemon verifies that the client is a valid ION client. ION clients are valid if they have been created using the ION Java classes described in this document. If the client is not valid, the daemon rejects the connection and no ION Server process is started.
There are two limits set on the number of connections the ION Server will accept. If you have specified a maximum number of connections via the -maxconn switch to the ION Daemon process, the ION Daemon will reject new clients after reaching that limit. If no maximum number of connections is specified to the daemon, the maximum number of connections allowed is defined by the ION Server license. If the limit is reached, the ION Daemon will notify new ION clients that the limit has been reached and will close the connection.
IDL Online Help (March 06, 2007)