geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Forrest Xia (JIRA)" <j...@apache.org>
Subject [jira] Commented: (GERONIMO-5689) User-defined derby connection user name and password should be honored when enabling derby authentication
Date Mon, 15 Nov 2010 08:12:14 GMT

    [ https://issues.apache.org/jira/browse/GERONIMO-5689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12932010#action_12932010
] 

Forrest Xia commented on GERONIMO-5689:
---------------------------------------

Found a way to allow user-defined derby connection user and password:
1. First, add an entry into var/security/users.properties for user-defined derby connection
user.
<user-defined derby connection username>=<user-defined password>
For example, the attached app, you need to add an entry like this:
app=app
2. Add an entry into var/security/groups.properties like this:
derby_<dbname>=<user-defined derby connection username>

Here the dbname is the derby database name. for example, 
derby_bankdb=app

> User-defined derby connection user name and password should be honored when enabling
derby authentication
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: GERONIMO-5689
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-5689
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: databases
>    Affects Versions: 2.1.7, 2.2.1
>         Environment: ubuntu 10.04.1 LTS
> sun java 1.5.0_22
>            Reporter: Forrest Xia
>            Priority: Minor
>         Attachments: bank-ear-2.1.1.4.ear
>
>
> Consider this scenario:
> 1. User firstly disables derby authentication, then start the server and deploy an application
which is using embedded derby database. The datasource deployment plan is like this:
> <resourceadapter>
> 		<outbound-resourceadapter>
> 			<connection-definition>
> 				<connectionfactory-interface>javax.sql.DataSource</connectionfactory-interface>
> 				<connectiondefinition-instance>
> 					<name>BankPool</name>
> 					<config-property-setting name="Driver">org.apache.derby.jdbc.EmbeddedDriver</config-property-setting>
> 					<config-property-setting name="UserName">app</config-property-setting>
> 					<config-property-setting name="Password">app</config-property-setting>
> 					<config-property-setting name="ConnectionURL">jdbc:derby:BankDB;create=true</config-property-setting>
> 					<connectionmanager>
> 						<local-transaction/>
> 						<single-pool>
> 							<max-size>10</max-size>
> 							<min-size>0</min-size>
> 							<match-one/>
> 						</single-pool>
> 					</connectionmanager>
> 				</connectiondefinition-instance>
> 			</connection-definition>
> 		</outbound-resourceadapter>
> 	</resourceadapter>
> In the plan, user specifies an username and password.
> 2. Shutdown the server, enable derby authentication, and start the server again
> 3. Now the server cannot start successfullly, because this exception:
> Module 69/69 org.apache.geronimo.samples/bank-ear/2.1.1.4/car                       
      2010-11-15 15:12:25,224 WARN  [DerbyUserAuthenticator] User authentication failure (userName
userPassword databaseName): app app BankDB
> 2010-11-15 15:12:25,240 ERROR [MCFConnectionInterceptor] Error occurred creating ManagedConnection
for handle: nullManagedConnectionInfo: org.apache.geronimo.connector.outbound.ManagedConnectionInfo@123288b.
mc: null]
> javax.resource.spi.ResourceAllocationException: Unable to obtain physical connection
to jdbc:derby:BankDB;create=true
> ...
> Caused by: org.apache.geronimo.gbean.InvalidConfigurationException: Configuration org.apache.geronimo.samples/bank-ear/2.1.1.4/car
failed to start due to the following reasons:
>   The service J2EEApplication=org.apache.geronimo.samples/bank-ear/2.1.1.4/car,j2eeType=GBean,name=BankDBInit
did not start because Connection authentication failure occurred.  Reason: Invalid authentication..
> I think this exception may cause by derby user is hard-coded in code to acquire server
connection.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message