Start Derby NetworkServerControl with credentials to prevent unauthorized
shutdowns
-----------------------------------------------------------------------------------
Key: GERONIMO-4296
URL: https://issues.apache.org/jira/browse/GERONIMO-4296
Project: Geronimo
Issue Type: Improvement
Security Level: public (Regular issues)
Components: databases
Affects Versions: 2.0.3, 2.1.3, 2.1.4, 2.2
Reporter: Donald Woods
Assignee: Donald Woods
Priority: Minor
Fix For: 2.2
Use the new NetworkServerControl support in Derby 10.4.1.3 and later to start
our embedded Derby server with credentials, to prevent any other apps on
localhost from stopping our Derby instance. The following Derby release note
details the scenario and the new API -
http://db.apache.org/derby/releases/release-10.4.1.3.html#Note+for+DERBY-3585
We could either use random uid/pwd values to start the Derby server, which
would be the most secure, but would keep other apps from using our Derby
server. The other option, would be to set uid/pwd GBean attributes and default
the to the default system/manager values and leave it up to the user to change
them.
Note: This may also require some Samples, Testsuite and Portlet chagnes to
handle the required DB auth.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
