Casper.Dik at sun.com wrote on 8/13/09 8:53 AM: > >> The v3 stop-domain command needs to execute the command on the server >> (as opposed to using "kill" or something like that), which means it >> needs to authenticate with the server. To allow v3 to be more >> compatible >> with v2, we're considering adding a new authentication mechanism that >> will "only" work in the local case. >> >> Roughly, here's how this would work... >> >> On server startup, the server would generate a large random number >> and write it in a file that is readable only by the owner of the >> file (the user who started the server). >> >> Local commands, such as stop-domain, would read this file if it's >> available and send the number as part of the authentication information >> to the server. The server would accept either the normal >> username/password >> authentication, or some special username along with this number as the >> password. > > In Solaris it's easy to know which user is on the other end of a local > connection. Why not use that information instead?
Can't get at it through Java without using native code, and I don't know how to do it on all platforms that we have to support.
