geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeremy Boynes <jboy...@apache.org>
Subject Re: Securing the Derby Network Server in Geronimo - related to GERONIMO-342
Date Sun, 30 Jan 2005 23:33:58 GMT
sissonj@insession.com wrote:
> Derby's DRDA (Distributed Relational Database Architecture) Network Server 
> 
> by default only listens for connections on the loopback address (which is 
> a good default) and does not have authentication turned on.
> 
> Therefore on a multiuser O/S this level of security seems inadequate as 
> any user on the localhost could connect to it using the DB2 Universal 
> Connector (specifying any userid and password as it will be ignored by the 
> 
> server) and start creating databases/tables etc. 
> 

Hmm - I thought that a username and password had to be supplied for a 
network connection.

> Q1. Are there any plans on how a default Geronimo configuration would 
> secure the embedded Derby Network Server?
> 

At the moment we are relying on Derby database security. Ultimately I 
hope to integrate that into the JACC authentication providers used by 
the rest of the container, and have a dream at some point of integrating 
Derby's authorization with the JACC policy provider.

> Q2. What would be the best way to restrict the remote IP addresses that 
> Derby will accept connections from (e.g. particular IP addresses)?  Should 
> 
> a policy file be used and passed to the JVM when starting Geronimo (see 
> http://incubator.apache.org/derby/manuals/admin/hubprnt30.html ) or is 
> there a better way for Geronimo?
> 

I haven't looked at that.

> Q3. Should we have some simple authentication enabled by shipping a sample 
> 
> geronimo\var\derby\derby.properties file that has something like the 
> following?
> 
> #
> #Security settings
> #
> derby.connection.requireAuthentication=true
> derby.authentication.provider=BUILTIN
> #
> # User and password list for Derby BUILTIN authentication provider
> #
> derby.user.system=manager
> derby.user.myapp=myapppswd
> 

I would prefer not to and at least integrate with the user/password 
realm we use for securing JMX remoting - that would mean in the default 
case the usernames/passwords would be the same. Of course, an admin 
could also set up a separate realm for the database.

--
Jeremy


Mime
View raw message