geronimo-dev mailing list archives

From Ken Horn <ken.h...@clara.co.uk>
Subject Re: JNDI provider / remote jndi
Date Wed, 15 Sep 2004 21:14:27 GMT
On WLS, the datastore on the default drivers is serializable (it's 
bound to the clustered jndi, via a ClusterRemoteRef), and so a servlet 
/ ejb / client app can grab the ds from jndi (this may be using JNDI 
Reference / Factory stuff). The ds can then create a direct db 
connection from the code to the db.

Therefore, if I bind a datasource into jndi, and fail to protect it via 
some contorted config (what we've thought of so far, is facades calling 
runAs beans through local interfaces), any user that can authenticate, 
and can write a java client (or find one), can access the database 
directly.

I was wondering if the same is possible in Geronimo...

So key questions are:
* are datasources by default serializable (does Geronimo use something 
like the wls remote ref or is the raw driver datastore used?)
* can client apps access the server jndi tree?
* if yes for the previous q, is there a way to bind an object that 
isn't remotely accessible?


Ken.

On 15 Sep 2004, at 17:01, Dain Sundstrom wrote:

> On Sep 15, 2004, at 7:11 AM, Ken Horn wrote:
>
>> Quick question on remote JNDI access.
>>
>> Does the java: provider below one provide remote access -- ie j2ee 
>> client app?
>>
>> For security reasons, we want to be able to bind some/all resources 
>> for a given app into a jndi tree (by any reasonable means: subtree / 
>> provider / naming convention) that cannot be accessed outside of the 
>> cluster. This will stop users who can authenticate to the container, 
>> being able to write a client app, to pull (for example) a database 
>> connection out of jndi and bypass business rules to hit the db 
>> directly.
>
> Ken,
>
> I don't see how a remote client would be able to "pull" a database 
> connection from jndi, since a database connection is not serializable.
>
> As for the meat of your question, I personally don't know the answer.
>
> -dain
>
>
>
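The risk Ken describes above turns on one property of whatever is bound in the JNDI tree: if the bound object is Serializable, a remote lookup hands an authenticated client a copy of it, connection details and credentials included, and the client can then open its own database connection outside the business layer. The following is an added, constructed example (not Geronimo, WebLogic or any driver's code) that makes that property checkable: `SerializableDsStub` stands in for a driver object that carries its JDBC URL and credentials in serializable fields, `LocalOnly` is a deliberately non-serializable wrapper that server-side code in the same VM can still unwrap, and `wouldMarshal` tries the same Java serialization a remote-capable naming provider would have to perform. All class and method names are assumptions made for the illustration.

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.NotSerializableException;
import java.io.ObjectOutputStream;
import java.io.Serializable;

// Constructed example: checks whether an object bound in JNDI could be
// marshalled out of the server VM to a remote client.
public final class JndiBindingCheck {

    // Constructed stand-in for a driver-supplied datasource object that is
    // Serializable. Its fields (URL, user, password) travel with the object,
    // so a remote JNDI lookup gives the caller everything needed to connect
    // to the database directly.
    static final class SerializableDsStub implements Serializable {
        private static final long serialVersionUID = 1L;
        final String jdbcUrl;
        final String user;
        final String password;

        SerializableDsStub(String jdbcUrl, String user, String password) {
            this.jdbcUrl = jdbcUrl;
            this.user = user;
            this.password = password;
        }
    }

    // Constructed wrapper that is deliberately NOT Serializable. Binding this
    // instead of the raw driver object means a marshalling lookup fails with
    // NotSerializableException, while code in the same VM still unwraps it.
    static final class LocalOnly<T> {
        private final T target;

        LocalOnly(T target) {
            this.target = target;
        }

        T get() {
            return target;
        }
    }

    // Returns true if the bound object can be written with Java
    // serialization, i.e. it would survive the trip to a remote client.
    static boolean wouldMarshal(Object bound) {
        try (ObjectOutputStream out = new ObjectOutputStream(new ByteArrayOutputStream())) {
            out.writeObject(bound);
            return true;
        } catch (NotSerializableException e) {
            return false;
        } catch (IOException e) {
            throw new IllegalStateException("unexpected serialization failure", e);
        }
    }

    public static void main(String[] args) {
        // Constructed sample values; not a real database.
        SerializableDsStub raw = new SerializableDsStub("jdbc:example://db.internal/app", "app", "placeholder-password");
        LocalOnly<SerializableDsStub> wrapped = new LocalOnly<>(raw);

        System.out.println("raw driver object marshals to a client: " + wouldMarshal(raw));
        System.out.println("local-only wrapper marshals to a client: " + wouldMarshal(wrapped));
        System.out.println("same-VM code can still reach the target: " + (wrapped.get() == raw));
    }
}
```

Two caveats for anyone applying this check to a real container. First, it only models providers that marshal the bound object itself; where the provider hands out a `javax.naming.Reference` and the client-side `ObjectFactory` builds the datasource (the "JNDI Reference / Factory stuff" Ken mentions), what crosses the wire is the Reference and its addresses, so the factory's inputs, not the target's serializability, decide what a client can reconstruct. Second, a non-serializable wrapper blocks only one path: whether the naming tree is reachable by remote clients at all, and which principals may look up a given subtree, is still a question for the container's naming and security configuration, which is exactly the part of Ken's question the thread leaves open.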

