Installation and Administration 6.0 > Configuring Corda Server

Setting Path Permissions

For security reasons, Corda Server can only read appearance files, data files, PCXML files, and web documents from authorized locations. Likewise, it can only write image and document files to authorized locations. By default, Corda Server can only read from its document root directory and subdirectories, and the localhost (127.0.0.1) domain. It can only write to the images folder of the document root directory.

This means that you will need to authorize any other locations that you want Corda Server to read from or write to. For example, suppose that you wanted to load a web document from a web application server located at http://webapp.mycompany.com. Corda Server would need to be given permission to retrieve data from this location. Likewise, you would need to give Corda Server permission to load an appearance file from the C:\InetPub folder on the computer running the Corda Server

You can control which locations Corda Server can read or write from by editing the path.xml file. This file is located in the config directory. You can edit it in a text editor such as Microsoft Notepad, or you can edit it in the Administration Console.

The Need for Security

To convince you of the need for a path.xml file, and also to keep you from defeating the purpose of this file, we should point out two ways by which an insecure server can be abused.

First of all, without Corda Server built-in security settings, Corda Server's save capabilities can be used to overwrite crucial system files. For example, Corda Embedder's saveToCordaServer(String) method allows a programmer to save images for future use to the machine running the Corda Server. A hacker could easily use this method to save an image over a system file, thus crashing your server, or to save an unrestricted number of files to disk, making you run short on critical disk space.

Note: You also need to specify a password to save images to Corda Server, so this could only happen if your password were insecure.

To prevent this from occurring, the path.xml file controls the directories to which Corda Server can write files. By default, the only directory to which images and documents can be saved is the images folder inside of the document root directory. Unless you have a really good reason to add another location, you should probably leave it this way.

The second security issue is that Corda Server can read files from URLs. Although this flexibility is one of Corda Server's most attractive features, it also opens up several possibilities. First of all, it makes it possible that your server can be used for denial of service attacks, by repeatedly requesting large documents from other web servers.

Also, it opens up the possibility for parasites—outside users who use your Corda Server to generate their own Corda images. For example, suppose the webmaster for a small website decides she wants the benefits of Corda Server, but doesn't want to buy it. All this webmaster has to do is figure out the address and port that your Corda Server runs on (which is easy to discover by viewing a web page's HTML), and she would instantly be able to use it to request and generate images for her own website. Of course, our more philanthropic customers might not mind lending a few graphs and maps to the less fortunate, but most users will have a problem with this behavior.

To prevent such abuse, the path.xml file allows you to specify a list of valid callback domains. The term callback describes any requests that Corda Server makes to an outside resource for information (appearance files, data, etc.).

Modifying path.xml

To add or remove path and URL permissions for Corda Server, you should modify the path.xml file.

To add permission to read from a specified URL

  1. Login to the Administration Console and go to the Security > Path / URL Permissions screen.

    2. The text box on this screen contains the contents of the path.xml file. You can edit the file directly in this text box.



  2. Copy the following text (which also appears at the top of the page in the Administration console) and paste it immediately above the last line:

    3. <Map Name="MyAppServer" Path="appservername.mycompany.com" Action="allowDomain"/>

  3. Replace MyAppServer (the value of the Name attribute) with the name you wish to give to this mapping.

    4. This name is for descriptive purposes only, and is entirely up to you. In fact, this step is entirely optional.

  4. Replace appservername.mycompany.com (the value of the Path attribute) with the name or IP address of the host from which you wish to allow Corda Server to read files.

    5. This will allow Corda Server to read any file that comes from the specified host. For example, if we specify www.mycoolstats.com, we could read from sources such as http://www.mycoolstats.com/data/110899.html, http://www.mycoolstats.com/renderer?name=bar&apfile=26, etc.

    You can also use wildcards. For instance, *.corda.com would allow any host in the corda.com domain (www.corda.com, popchart.corda.com, etc.). Similarly, 10.0.*.* would allow Corda Server to read from any IP address that begins with 10.0.

  5. Click on the Submit Changes button. You do not need to restart your Corda Server.

To add permission to read from a specified local path

  1. Login to the Administration Console and go to the Security > Path / URL Permissions screen.

    2. The text box on this screen contains the contents of the path.xml file. You can edit the file directly in this text box.

  2. Copy the following text and paste it immediately above the last line:

    3. <Map Name="Read" Path="./path" Action="Load"/>

    Note: This text is different from the text that appears in the Administration Console.

  3. Replace Read (the value of the Name attribute) with the name you wish to give to this mapping.

    4. This name is for descriptive purposes only, and is entirely up to you. In fact, this step is entirely optional.

  4. Replace ./path (the value of the Path attribute) with the local path from which you wish to allow Corda Server to read files.

    5. If you precede the path with ./, Corda Server will assume it to be relative to the document root. Otherwise, it will assume the path to be an absolute path, accessible to the machine on which Corda Server is running. You can also put a wildcard at the end of a path to indicate that Corda Server has permission to read from any of the path's subdirectories.

    For example, if you set this value to F:\InetPub\mydata\*, you are giving Corda Server permission to read anything from the F:\InetPub\mydata directory, as well as any of its subdirectories. If you set this value to ./data, you are giving Corda Server permission to read from the data directory in the document root, but none of its subdirectories.

  5. Click on the Submit Changes button. You do not need to restart your Corda Server.

<< Previous | Next >>

 CORDA
Installation and Administration 6.0 > Configuring Corda Server
Copyright © 1996-2004 CORDA Technologies Inc.™ - Corda Server™, Corda Builder™, PopChart™, OptiMap™, Highwire™,   All Rights Reserved. Last Updated: October 08, 2004