db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-1387) Add JMX extensions to Derby
Date Fri, 01 Feb 2008 17:21:08 GMT

    [ https://issues.apache.org/jira/browse/DERBY-1387?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12564832#action_12564832
] 

Daniel John Debrunner commented on DERBY-1387:
----------------------------------------------

Can authenticateAsUser(String user, String password) in the database bean be explained more
fully?
Is there a single database bean for a database, or is a new one created for each jmx session
or connection (not sure of correct term here)?

If there is a single bean for a database then this authenticateAsUser seems to open up a big
security hole, once this operation is made any other valid jmx user can reconfigure the database,
even if they don't have valid database permissions.

Or can the authentication information be limited to a single jmx session, even with a single
bean?

Also, why is authenticateAsUser limited to the BUILTIN authentication scheme, since it is
just providing user/password to a connection request won't it be independent of the authorization
scheme in effect?

> Add JMX extensions to Derby
> ---------------------------
>
>                 Key: DERBY-1387
>                 URL: https://issues.apache.org/jira/browse/DERBY-1387
>             Project: Derby
>          Issue Type: New Feature
>          Components: Services
>            Reporter: Sanket Sharma
>            Assignee: John H. Embretsen
>         Attachments: DERBY-1387-1.diff, DERBY-1387-1.stat, DERBY-1387-2.diff, DERBY-1387-2.stat,
DERBY-1387-3.diff, DERBY-1387-3.stat, DERBY-1387-4.diff, DERBY-1387-4.stat, DERBY-1387-5.diff,
DERBY-1387-5.stat, DERBY-1387-6.zip, DERBY-1387-7.zip, DERBY-1387-8.zip, DERBY-1387-9.diff,
DERBY-1387-9.stat, derbyjmx.patch, jmx.diff, jmx.stat, jmxFuncspec.html, jmxFuncspec.html,
Requirements for JMX Updated.html, Requirements for JMX.html, Requirements for JMX.zip
>
>
> This is a draft requirement specification for adding monitoring and management extensions
to Apache Derby using JMX. The requirements document has been uploaded on JIRA as well as
the Derby Wiki page at http://wiki.apache.org/db-derby/_Requirement_Specifications_for_Monitoring_%26_Management_Extensions_using_JMX
> Developers and Users are requested to please look at the document (feature list in particular)
and add their own rating to features by adding a coloumn to the table.
> Comments are welcome.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message