db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick Hillegas <rick.hille...@oracle.com>
Subject Re: Authentication required only for remote users?
Date Mon, 15 Apr 2013 13:37:01 GMT
On 4/12/13 3:49 PM, Al Eridani wrote:
> This may not be possible out-of-the-box, but here it goes, in case 
> someone can help.
>
> We have an application that uses Derby with a single database and, 
> until now, with no authentication.
>
> The application can be configured to start Derby with either the 
> embedded or client data sources. The client data source is not needed 
> by the application, but it is useful to remotely monitor the data.
>
> We would like to require authentication only for remote users, not the 
> application. Alternatively, we could live with requiring 
> authentication when the application boots Derby using the client data 
> source, but not when using the embedded data source.
>
> The documentation does not address this. Does anybody have any ideas? 
> Thanks!
>
> Al
>
Hi Al,

I don't know any way to do this purely within Derby's public API. 
However, you could write your own custom authenticator which checks to 
see whether the DRDAConnThread class appears on the stack returned by 
Thread.getStackTrace(). DRDAConnThread will only appear on the stack if 
you are authenticating a network connection request. Note that there are 
no guarantees that this will work in future revs of Derby; however, 
DRDAConnThread has been around for 7 years and no-one has suggested 
removing it.

Hope this helps,
-Rick

Mime
View raw message