Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
Reply-To: user@geronimo.apache.org
Received-SPF: pass (nike.apache.org: local policy)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
  s=s1024; d=yahoo.com;
  h=Received:X-YMail-OSG:Mime-Version:In-Reply-To:References:Content-Type:Message-Id:Content-Transfer-Encoding:From:Subject:Date:To:X-Mailer;
  b=NmFcQ4J+Rvy/Eug9nGkfaH2XUEhuH4sVr1scHYOgUsk/WyFqYYu7BpgQh28OjXkzQ3Ifh6xwrJkbCXRDo9mV61W4rIg8VTt/xm4Yltc7buncfLEfhtOVtJklhqtshUbiBhaSUl+u3/8/+sKCcOwMTuEGls0erUZH/4fBy5bm7Ss=
  ;
Mime-Version: 1.0 (Apple Message framework v752.3)
In-Reply-To: <14035947.post@talk.nabble.com>
References: <14020472.post@talk.nabble.com>
 <1b5bfeb50711282316j5c753606o59c2d6d614af6260@mail.gmail.com>
 <14020710.post@talk.nabble.com>
 <1b5bfeb50711282346o719c797h6e1dabf24b51324d@mail.gmail.com>
 <14021262.post@talk.nabble.com>
 <1b5bfeb50711290037g321ff715s5f01abd7bab9a653@mail.gmail.com>
 <14035947.post@talk.nabble.com>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <F2771E0E-19DF-4B9B-82B2-AD25C9FC7D7B@yahoo.com>
Content-Transfer-Encoding: 7bit
From: David Jencks <david_jencks@yahoo.com>
Subject: Re: How to shut donwn one of the instances on Gronimo while they were
 started by Multiple server command cmd line
Date: Thu, 29 Nov 2007 14:17:05 -0800
To: user@geronimo.apache.org


On Nov 29, 2007, at 1:49 PM, abpb2006 wrote:

>
> oh i see. thanks.
>
> Where and how do we change the default credentials for every user  
> instance?

In trunk and perhaps 2.0.2 the default security config is configured  
in the server-security-config module.  It's set up to use the  
properties file login module.  In trunk this is set up as a plugin  
and the default properties files are included in the plugin.  For  
serious usage I'd recommend coming up with your own real-server- 
security-config module using kerberos/ldap/sql/whatever and replacing  
the default one with it using artifact_aliases.properties.

If you want to keep using the toy properties file login module but  
just change the credentials you can edit var/security/ 
users.properties and var/security/groups.properties.  The admin group  
gets remote deploy/lifecycle access.

hope this helps
david jencks

>
>
>
>
> Jacek Laskowski wrote:
>>
>> On Nov 29, 2007 9:27 AM, abpb2006 <abpb2006@yahoo.com> wrote:
>>
>>> What impact its gonna have evn if we use the same default user  
>>> name and
>>> pwd
>>> i.e. SYSTEM and MANAGER for all the instances.....can one user  
>>> instance
>>> mess
>>> other users deployed application/settings etc ?
>>
>> If you ask about Geronimos working together to rule the world, I'd  
>> say
>> it's not possible..today perhaps tomorrow ;-) Seriously, when someone
>> breaches one geronimo instance without knowing the admin credentials
>> (s)he cannot do much on another Geronimo instance - they're separate
>> entities and any outside connection is (supposed to be) authorized.
>> It's not recommended to leave the default system credentials  
>> active as
>> it's widely known to everybody who has worked with Geronimo or wants
>> to pass its security fence.
>>
>> Jacek
>>
>> -- 
>> Jacek Laskowski
>> http://www.JacekLaskowski.pl
>>
>>
>
> -- 
> View this message in context: http://www.nabble.com/How-to-shut- 
> donwn-one-of-the-instances-on-Gronimo-while-they-were-started-by- 
> Multiple-server-command-cmd-line-tf4895464s134.html#a14035947
> Sent from the Apache Geronimo - Users mailing list archive at  
> Nabble.com.
>