db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Van Couvering" <da...@vancouvering.com>
Subject Re: User/password encryption and deployment
Date Sat, 16 Jun 2007 00:24:04 GMT
Good questions, Bill.   Yes, I would definitely want something that
works with Sun JRE.

I would think Derby over SSL is good enough.  I don't know that
STARTTLS is, and I don't know how you can configure Derby to work over
SSL/TLS.  Any pointers?

Francois worked on this, maybe he can answer.

Thanks,

David

On 6/15/07, Bill Shannon <bill.shannon@sun.com> wrote:
> David Van Couvering wrote:
> > Let's say I want to deploy my application client with Java DB to 1000
> > different client machines.
> >
> > If I understand things correctly, if you want to use encrypted
> > user/password, you have to install the IBM JCE on each of these client
> > machines and also go in and modify the java.security file in the
> > lib/security directory of your JRE (see
> > http://db.apache.org/derby/docs/10.2/adminguide/tadminapps811695.html)
> >
> > This doesn't seem reasonable/feasible for large deployments, or am I
> > missing something?
> >
> > Also, the page doesn't tell you where to get the IBM JCE, except "IBM
> > Developer Kit for the Java Platform 1.4 or later comes with IBM JCE".
> > Hm.
>
> Wouldn't you want to support something that also works with Sun's JRE,
> without modification of the JRE?
>
> Isn't username/password over SSL/TLS good enough?
>
> Does the derby network protocol support a "STARTTLS" equivalent command?
>
>

Mime
View raw message