Experimental Physics and Industrial Control System
Hi Lewis,
On 2012-12-03 J. Lewis Muir wrote:
> Would you be willing to change the default behavior to act as if the
> CAJ_STRIP_HOSTNAME system property had been set to true? If the
> underlying implementation is broken and returns an FQDN where it should
> not, and if you don't do anything to correct that in CAJ, then CAJ will
> be using a hostname that will not work with Access Security. No one
> wants that.
IMHO CAJ should try to provide the IOC/server with exactly the same name that
the C++ CA client library gives when run on that machine, which could be the
short name, a FQDN or even some intermediate name. Where the name comes from
can vary with different OSs, different versions of the C run-time library, and
may depend on what's in the machine's /etc/hosts file or even host its DNS
service is configured.
It looks like the C++ library gets the name using the class localHostName in
src/ca/localHostName.cpp which calls the C run-time library's gethostname()
function. On Linux that apparently returns the node-name from uname(2), but
other OSs may implement it differently. Read the NOTES to the RHEL manpages
on uname(2) for a discussion about the node-name field.
Note that shortening the name could have security implications at some sites,
so I don't like the idea of doing that inside the CAJ implementation. If both
CA libraries /can/ be made to return the same name then at least an IOC's
access security file only needs one name per host, but you can always list
both names in the HAG if Java doesn't provide access to the gethostname()
function.
- Andrew
--
Computer science is as much about computers as astronomy is about
telescopes. -- Edsger Dijkstra
- Replies:
- Re: Using CAJ in production J. Lewis Muir
- References:
- Using CAJ in production Shankar, Murali
- Re: Using CAJ in production Matej Sekoranja
- Re: Using CAJ in production J. Lewis Muir
- Navigate by Date:
- Prev:
Re: Using CAJ in production J. Lewis Muir
- Next:
Re: mask for bitwise operation in CALC record Andrew Johnson
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
<2012>
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
Re: Using CAJ in production J. Lewis Muir
- Next:
Re: Using CAJ in production J. Lewis Muir
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
<2012>
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024