db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ashish Jain <ashja...@gmail.com>
Subject Invalid authentication exception on enabling requireAuthentication=true
Date Thu, 04 Nov 2010 10:19:36 GMT
Hi Derby Team,

I am using Apache Geronimo which uses embedded derby as the default
database. Recently I tried to
enable authentication in derby by including a derby.properties file in with
content as
derby.connection.requireAuthentication=true.

Following this I had used system call's something as follows:
"CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('derby.user.test','test123');"
to provide secure access to database.

Till this everything works fine.

Next I utilize the NetworkServerControl api to start and stop a Network
Server.  A Network Server
is created as follows--> NetworkServerControl(address, port). Start is fine.
However during network.shutdown()
I see the following exception:

java.sql.SQLException: Connection authentication failure occurred.
Reason: Invalid authentication..
        at org.apache.derby.impl.drda.NetworkServerControlImpl.
throwSQLException(Unknown Source)
        at org.apache.derby.impl.drda.NetworkServerControlImpl.
consolePropertyMessageWork(Unknown Source)
        at org.apache.derby.impl.drda.NetworkServerControlImpl.
consolePropertyMessage(Unknown Source)
        at org.apache.derby.impl.drda.NetworkServerControlImpl.
wrapSQLError(Unknown Source)
        at org.apache.derby.impl.drda.NetworkServerControlImpl.
readResult(Unknown Source)
        at org.apache.derby.impl.drda.NetworkServerControlImpl.shutdown
(Unknown Source)
        at org.apache.derby.drda.NetworkServerControl.shutdown(Unknown

This exception is legitimate since I do not provide any credentials to
create a Network Server and this also
helps to prevent server shutdown from any unauthorised personnel. I am able
to avoid this using the following
2 steps:

1) Add derby.user.test=test123 is derby.properties file.
2) create a Network Server Control object using
NetworkServerControl(address, port,"test","test123");

However I am not happy with this kind of solution  because of the following:
1) I had to set a system wide property that is "derby.user.test=test123".
2) The password appears in plain text.
3) I have to hard code the username/password while creating a
NetworkServerControl object.

How can I avoid the above situation so that I
a) do not need to  set password in plain text
b) do not need to  set system wide properties
c) No hard coding username/password while creating a network server control
object.

Kindly help!!

Thanks
Ashish

Mime
View raw message