db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kristian Waagan <kristian.waa...@oracle.com>
Subject Re: Derby server listening on different interfaces
Date Wed, 19 Sep 2012 13:40:17 GMT
On 19.09.2012 15:13, Maison Mo wrote:
> Hello Derby users,
> I have a rather unusual use case, where I have two clients using the same Derby DB. Thus
I use a Derby server.
> One client is on the same host as the derby server, whereas the second one is not ; I
have security concerns with the non local client that will most probably require SSL with
client/server authentication.
> For performance reasons, I planned to use localhost interface without ssl for the localhost
client, and ssl authentication for the remote client only.
> I'd like to know if this is feasible with Derby ? Based on my readings on admin documentation,
I am afraid not.
> What would you recommend in that case ?


Have you considered if it is feasible to have the local client use the 
embedded driver and the remote client use the network driver?
This setup is referred to as "embedded server". There are many things 
that may make it hard to use, for instance that your local client is 
shut down but the remote client most still be able to access the database.

I haven't confirmed this, but I too suspect that listening to one 
interface using SSL and one without SSL isn't supported by Derby.
Given that the embedded server approach is unfeasible, you may have to 
choose between improved security wrt the remote client and overhead for 
the local client :(


> Regards,
>    M. Maison

View raw message