Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 98652 invoked from network); 8 Nov 2010 09:48:18 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 8 Nov 2010 09:48:18 -0000 Received: (qmail 9590 invoked by uid 500); 8 Nov 2010 09:48:49 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 9331 invoked by uid 500); 8 Nov 2010 09:48:46 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 9322 invoked by uid 99); 8 Nov 2010 09:48:45 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 08 Nov 2010 09:48:45 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.22] (HELO thor.apache.org) (140.211.11.22) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 08 Nov 2010 09:48:45 +0000 Received: from thor (localhost [127.0.0.1]) by thor.apache.org (8.13.8+Sun/8.13.8) with ESMTP id oA89mObC017812 for ; Mon, 8 Nov 2010 09:48:24 GMT Message-ID: <28545736.71961289209704648.JavaMail.jira@thor> Date: Mon, 8 Nov 2010 04:48:24 -0500 (EST) From: "Forrest Xia (JIRA)" To: dev@geronimo.apache.org Subject: [jira] Closed: (GERONIMO-4296) Start Derby NetworkServerControl with credentials to prevent unauthorized shutdowns In-Reply-To: <2048027732.1221064304232.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/GERONIMO-4296?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Forrest Xia closed GERONIMO-4296. --------------------------------- Resolution: Fixed Fix Version/s: (was: 2.2.2) 2.2.1 Commit to 2.2 branch at rev 1032508. So close it for now. If any bug related, pls open a new jira against the proper server version. > Start Derby NetworkServerControl with credentials to prevent unauthorized shutdowns > ----------------------------------------------------------------------------------- > > Key: GERONIMO-4296 > URL: https://issues.apache.org/jira/browse/GERONIMO-4296 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: databases > Affects Versions: 2.0.3, 2.1.3, 2.1.4, 2.2 > Reporter: Donald Woods > Assignee: Ivan > Priority: Minor > Fix For: 2.1.7, 2.2.1 > > Attachments: G4296-Patch-branch-21.zip, G4296-Patch-branch-22.zip > > > Use the new NetworkServerControl support in Derby 10.4.1.3 and later to start our embedded Derby server with credentials, to prevent any other apps on localhost from stopping our Derby instance. The following Derby release note details the scenario and the new API - > http://db.apache.org/derby/releases/release-10.4.1.3.html#Note+for+DERBY-3585 > We could either use random uid/pwd values to start the Derby server, which would be the most secure, but would keep other apps from using our Derby server. The other option, would be to set uid/pwd GBean attributes and default the to the default system/manager values and leave it up to the user to change them. > Note: This may also require some Samples, Testsuite and Portlet chagnes to handle the required DB auth. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.