On Nov 29, 2007, at 1:49 PM, abpb2006 wrote:
oh i see. thanks.
Where and how do we change the default credentials for every user
instance?
In trunk and perhaps 2.0.2 the default security config is configured
in the server-security-config module. It's set up to use the
properties file login module. In trunk this is set up as a plugin
and the default properties files are included in the plugin. For
serious usage I'd recommend coming up with your own real-server-
security-config module using kerberos/ldap/sql/whatever and replacing
the default one with it using artifact_aliases.properties.
If you want to keep using the toy properties file login module but
just change the credentials you can edit var/security/
users.properties and var/security/groups.properties. The admin group
gets remote deploy/lifecycle access.
hope this helps
david jencks
Jacek Laskowski wrote:
On Nov 29, 2007 9:27 AM, abpb2006 <[EMAIL PROTECTED]> wrote:
What impact its gonna have evn if we use the same default user
name and
pwd
i.e. SYSTEM and MANAGER for all the instances.....can one user
instance
mess
other users deployed application/settings etc ?
If you ask about Geronimos working together to rule the world, I'd
say
it's not possible..today perhaps tomorrow ;-) Seriously, when someone
breaches one geronimo instance without knowing the admin credentials
(s)he cannot do much on another Geronimo instance - they're separate
entities and any outside connection is (supposed to be) authorized.
It's not recommended to leave the default system credentials
active as
it's widely known to everybody who has worked with Geronimo or wants
to pass its security fence.
Jacek
--
Jacek Laskowski
http://www.JacekLaskowski.pl
--
View this message in context: http://www.nabble.com/How-to-shut-
donwn-one-of-the-instances-on-Gronimo-while-they-were-started-by-
Multiple-server-command-cmd-line-tf4895464s134.html#a14035947
Sent from the Apache Geronimo - Users mailing list archive at
Nabble.com.
