Enhance DerbyNetworkGBean to allow secure Derby Network Client connections
(once Derby is enhanced to allow secure connections).
--------------------------------------------------------------------------------------------------------------------------------
Key: GERONIMO-842
URL: http://issues.apache.org/jira/browse/GERONIMO-842
Project: Geronimo
Type: Task
Components: core, installer
Versions: 1.0-M4
Reporter: John Sisson
Fix For: 1.0
I have created this issue to raise awareness of the security limitations of the
Network Server currently embeded in derby and to flag that the Geronimo
installer/configuration tools may need to be enhanced when Derby's client
security is enhanced to allow the user to configure security for the Network
Server..
Currently the DerbyNetworkGBean only accepts connections from the localhost.
Although this could be easily changed, it would not be secure even if Derby's
current (version 10.1 at the time of writing) client security features are
utilised. Rather than repeating information see the mails in the thread titled
"DRDA Password Encryption (SECMEC_EUSRIDPWD and SECMEC_USRENCPWD)" at:
http://mail-archives.apache.org/mod_mbox/db-derby-dev/200506.mbox/[EMAIL
PROTECTED]
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
