geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Radim Kolar (JIRA)" <>
Subject [jira] Commented: (GERONIMO-4296) Start Derby NetworkServerControl with credentials to prevent unauthorized shutdowns
Date Wed, 23 Sep 2009 19:17:16 GMT


Radim Kolar commented on GERONIMO-4296:

I see this as quite serious security problem. If this issue will not be fixed before 2.2,
it should be visibly noted in README that people should firewall derby listener from untrusted
clients. Same thing is for ActiveMQ broker.

correct thing for derby is to write derby.authentication.provider module and connect it to
user specified G security realm configurable via console portlet. 

Derby side is pretty simple: derby.authentication.provider class must implement the public
interface org.apache.derby.authentication.UserAuthenticator and throw exceptions of the type
java.sql.SQLException where appropriate.

> Start Derby NetworkServerControl with credentials to prevent unauthorized shutdowns
> -----------------------------------------------------------------------------------
>                 Key: GERONIMO-4296
>                 URL:
>             Project: Geronimo
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: databases
>    Affects Versions: 2.0.3, 2.1.3, 2.1.4, 2.2
>            Reporter: Donald Woods
>            Assignee: Donald Woods
>            Priority: Minor
>             Fix For: Wish List
> Use the new NetworkServerControl support in Derby and later to start our embedded
Derby server with credentials, to prevent any other apps on localhost from stopping our Derby
instance.  The following Derby release note details the scenario and the new API -
> We could either use random uid/pwd values to start the Derby server, which would be the
most secure, but would keep other apps from using our Derby server.  The other option, would
be to set uid/pwd GBean attributes and default the to the default system/manager values and
leave it up to the user to change them.
> Note:  This may also require some Samples, Testsuite and Portlet chagnes to handle the
required DB auth.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message