powered by Jive Software

Permission policy for S2S connections with white list

For server-to-server communication the administration interface says: [Allowed to Connect] Only some remote servers are allowed to connect to this server. Use the table below to define the allowed remote servers and their settings.

When I test the results of using white list policy it actually only controls which domains the current server connects to, not which servers/domains that can connect to it. Hence, it does not have any implications on the incoming connections. In any case, you will use firewalls to control this in a better manner, however, this seems like a bug to me.

Adding the following to the “createSession” method (line 104 in version 3.6.3) in the “LocalIncomingServerSession” makes it behave as I would expect:

// NST FIX: Added to ensure that the remote server is on the whitelist if whitelist is the policy

if* (RemoteServerManager.getPermissionPolicy().equals(RemoteServerManager.Permissio nPolicy.whitelist**)) {*

if* (!RemoteServerManager.canAccess(connection.getHostName())) {*

*** throw**** new** UnauthorizedException("The remote host name: "*

  •  + connection.getHostName()*
    
  •  + **"is not registered on the white list. No incoming connection will be created from IP: "*
    
  •  + connection.getHostAddress());*
    

}

}

What do you think?

Kind regards,

Lars