db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick Hillegas <rick.hille...@oracle.com>
Subject future of NetServlet
Date Mon, 11 Jul 2011 14:54:49 GMT
NetServlet is a scrap of code which runs in an app server. NetServlet 
can be used to bounce Derby servers and configure their trace streams. 
It has a lot of race conditions which would be fairly easy to clean up.

However, that is just the beginning of its problems. It doesn't appear 
to me that it even works if you are running your server the way you 
ought to, viz., with authentication turned on. The NetServlet apis do 
not provide a way to state your credentials. It appears that anyone can 
use NetServlet to bring up a Derby server and manipulate trace streams. 
Even more troubling, no-one can use NetServlet to bring a server 
down--not even a dbo or installation owner.

It is hard to imagine that anyone can actually use this code in 
production. Here are some possible actions we could take:

1) Fix the race conditions. At the same time, the user guides should 
clarify that NetServlet is only appropriate for development/testing 
purposes. It should not be used in production.

2) Add credentials to the NetServlet api. Probably this will break 
backward compatibility.

3) Remove NetServlet from Derby. Another backward compatibility issue..

4) In addition to (3), we could provide a new api for bouncing servers 
and configuring trace streams. JMX may be suited to this task and our 
JMX support already runs with credential checks under a Java security 
manager.

What are your thoughts?

Thanks,
-Rick


Mime
View raw message