db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bill Shannon <bill.shan...@sun.com>
Subject Re: User/password encryption and deployment
Date Fri, 15 Jun 2007 23:41:45 GMT
David Van Couvering wrote:
> Let's say I want to deploy my application client with Java DB to 1000
> different client machines.
> 
> If I understand things correctly, if you want to use encrypted
> user/password, you have to install the IBM JCE on each of these client
> machines and also go in and modify the java.security file in the
> lib/security directory of your JRE (see
> http://db.apache.org/derby/docs/10.2/adminguide/tadminapps811695.html)
> 
> This doesn't seem reasonable/feasible for large deployments, or am I
> missing something?
> 
> Also, the page doesn't tell you where to get the IBM JCE, except "IBM
> Developer Kit for the Java Platform 1.4 or later comes with IBM JCE".
> Hm.

Wouldn't you want to support something that also works with Sun's JRE,
without modification of the JRE?

Isn't username/password over SSL/TLS good enough?

Does the derby network protocol support a "STARTTLS" equivalent command?


Mime
View raw message