geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Sisson (JIRA)" <...@geronimo.apache.org>
Subject [jira] Created: (GERONIMO-842) Enhance DerbyNetworkGBean to allow secure Derby Network Client connections (once Derby is enhanced to allow secure connections).
Date Tue, 02 Aug 2005 11:10:35 GMT
Enhance DerbyNetworkGBean to allow secure Derby Network Client connections (once Derby is enhanced
to allow secure connections).
--------------------------------------------------------------------------------------------------------------------------------

         Key: GERONIMO-842
         URL: http://issues.apache.org/jira/browse/GERONIMO-842
     Project: Geronimo
        Type: Task
  Components: core, installer  
    Versions: 1.0-M4    
    Reporter: John Sisson
     Fix For: 1.0


I have created this issue to raise awareness of the security limitations of the Network Server
currently embeded in derby and to flag that the Geronimo installer/configuration tools may
need to be enhanced when Derby's client security is enhanced to allow the user to configure
security for the Network Server..

Currently the DerbyNetworkGBean only accepts connections from the localhost.  

Although this could be easily changed, it would not be secure even if Derby's current (version
10.1 at the time of writing) client security features are utilised.  Rather than repeating
information see the mails in the thread titled "DRDA Password Encryption (SECMEC_EUSRIDPWD
and SECMEC_USRENCPWD)" at:

http://mail-archives.apache.org/mod_mbox/db-derby-dev/200506.mbox/%3c20050616191041.GA5239@barbar.sun.com%3e

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message