[
https://issues.apache.org/jira/browse/GERONIMO-4296?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12929515#action_12929515
]
Forrest Xia commented on GERONIMO-4296:
---------------------------------------
Verify the patch on G 2.1.7 snapshot, and commit it to 2.1 branch at rev
1032500.
> Start Derby NetworkServerControl with credentials to prevent unauthorized
> shutdowns
> -----------------------------------------------------------------------------------
>
> Key: GERONIMO-4296
> URL: https://issues.apache.org/jira/browse/GERONIMO-4296
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: databases
> Affects Versions: 2.0.3, 2.1.3, 2.1.4, 2.2
> Reporter: Donald Woods
> Assignee: Ivan
> Priority: Minor
> Fix For: 2.1.7, 2.2.2
>
> Attachments: G4296-Patch-branch-21.zip, G4296-Patch-branch-22.zip
>
>
> Use the new NetworkServerControl support in Derby 10.4.1.3 and later to start
> our embedded Derby server with credentials, to prevent any other apps on
> localhost from stopping our Derby instance. The following Derby release note
> details the scenario and the new API -
> http://db.apache.org/derby/releases/release-10.4.1.3.html#Note+for+DERBY-3585
> We could either use random uid/pwd values to start the Derby server, which
> would be the most secure, but would keep other apps from using our Derby
> server. The other option, would be to set uid/pwd GBean attributes and
> default the to the default system/manager values and leave it up to the user
> to change them.
> Note: This may also require some Samples, Testsuite and Portlet chagnes to
> handle the required DB auth.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
