geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matt Hogstrom (JIRA)" <...@geronimo.apache.org>
Subject [jira] Updated: (GERONIMO-842) Enhance DerbyNetworkGBean to allow secure Derby Network Client connections (once Derby is enhanced to allow secure connections).
Date Sat, 10 Dec 2005 00:01:10 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-842?page=all ]

Matt Hogstrom updated GERONIMO-842:
-----------------------------------

    Fix Version: Wish List
                     (was: 1.0)

Moving to Wish List

> Enhance DerbyNetworkGBean to allow secure Derby Network Client connections (once Derby
is enhanced to allow secure connections).
> --------------------------------------------------------------------------------------------------------------------------------
>
>          Key: GERONIMO-842
>          URL: http://issues.apache.org/jira/browse/GERONIMO-842
>      Project: Geronimo
>         Type: Task
>   Components: core, installer
>     Versions: 1.0-M4
>     Reporter: John Sisson
>      Fix For: Wish List

>
> I have created this issue to raise awareness of the security limitations of the Network
Server currently embeded in derby and to flag that the Geronimo installer/configuration tools
may need to be enhanced when Derby's client security is enhanced to allow the user to configure
security for the Network Server..
> Currently the DerbyNetworkGBean only accepts connections from the localhost.  
> Although this could be easily changed, it would not be secure even if Derby's current
(version 10.1 at the time of writing) client security features are utilised.  Rather than
repeating information see the mails in the thread titled "DRDA Password Encryption (SECMEC_EUSRIDPWD
and SECMEC_USRENCPWD)" at:
> http://mail-archives.apache.org/mod_mbox/db-derby-dev/200506.mbox/%3c20050616191041.GA5239@barbar.sun.com%3e

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message