<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>Regarding the firewall issue:</div><div><br></div><div><a href="http://community.jboss.org/wiki/UsingJBossBehindAFirewall">http://community.jboss.org/wiki/UsingJBossBehindAFirewall</a></div><div><br></div><div>snippet:</div><div><br></div><div><p>Then, on the system <em>behind</em> the firewall, the following
parameters need to be added to the java command line in the run.sh
script to pass back the "correct" RMI information to the system outside
of the firewall. </p><p> "Correct" in this case means the hostname that the
outside system refers to when addressing the system <em>behind</em> the
firewall.</p><div style="min-height: 8pt; height: 8pt; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; "> <br class="webkit-block-placeholder"></div><!--[CodeBlockStart:3a6a49f6-59c7-4972-8edc-9f86073bfd43]--><pre class="jive-pre"><code class="jive-code"> -Djava.rmi.server.hostname=<external_host_name>
-Djava.rmi.server.useLocalHostname=true
</code></pre><div><br></div></div><div><br></div><div>It looks like java.rmi.server.hostname property provided what the MMx firewall address provided.</div><div><br></div><br><div><div>On Apr 19, 2010, at 9:16 AM, Ramesh Reddy wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div>On Mon, 2010-04-19 at 10:24 -0400, Ken Johnson wrote:<br><blockquote type="cite">So by default, the server will not be able to accept remote JDBC <br></blockquote><blockquote type="cite">connections? I see the security benefits of this behavior but also <br></blockquote><blockquote type="cite">end-user inconvenience. <br></blockquote>Yes, I agree that this is little inconvenience to the users out of the<br>box. The primary driving factors were<br><br>1) Security<br>2) Align the host resolution to be similar to the JBoss AS, so that<br>users are not given two different choices in configuring the bind<br>address.<br><br>The logic changed *if* the host name resolves "localhost" (mostly<br>developer machines), however like in any typical shared server<br>environment would have their host name specified, so they will resolve<br>to proper LAN address that will be reachable by the known name. <br><br><blockquote type="cite">Does the hostname or IP specified with -b have <br></blockquote><blockquote type="cite">to match *exactly* with the hostname string in the JDBC URL used by <br></blockquote><blockquote type="cite">client applications? Or will it work as long as it resolves down to<br></blockquote><blockquote type="cite">the <br></blockquote><blockquote type="cite">same IP address (I assume the latter but just checking)?<br></blockquote><blockquote type="cite"><br></blockquote>If they resolve to same IP that would be enough. If the sever is started<br>with "0.0.0.0" then any resolved IP on that machine will be fine. Also,<br>note that user could still provide the host name/ip in the Teiid<br>configuration to override the default behavior.<br><br><blockquote type="cite">Also, how will this impact Teiid firewall configuration and dynamic<br></blockquote><blockquote type="cite">IP <br></blockquote><blockquote type="cite">environments like Amazon EC2 where internal and external addresses<br></blockquote><blockquote type="cite">differ? <br></blockquote>I do not know. Do these offer IP forwarding services may be?<br><br>Ramesh..<br><br>_______________________________________________<br>teiid-users mailing list<br><a href="mailto:teiid-users@lists.jboss.org">teiid-users@lists.jboss.org</a><br>https://lists.jboss.org/mailman/listinfo/teiid-users<br></div></blockquote></div><br><div>
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><span class="Apple-style-span" style="font-size: 12px; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>Van Halbert</div><div>Principal Software Eng.</div><div>Red Hat, Inc.</div><div>------</div><div><a href="mailto:vhalbert@redhat.com">vhalbert@redhat.com</a></div><div><br></div><div><br></div><br class="Apple-interchange-newline"><br></div></span></div></span></div>
</div>
<br></body></html>