geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Dellert" <bdell...@rcn.com>
Subject Re: Configuring embedded Derby security in Geronimo 2.0.2
Date Wed, 05 Mar 2008 21:30:01 GMT
This should solve my problem.  Thanks for the prompt repsonse.

- Brian
  ----- Original Message ----- 
  From: Vamsavardhana Reddy 
  To: user@geronimo.apache.org 
  Sent: Wednesday, March 05, 2008 12:46 AM
  Subject: Re: Configuring embedded Derby security in Geronimo 2.0.2


  you will need to create derby.properties under var/derby directory.  The properties file
will look like the following.
  derby.connection.requireAuthentication=true
  derby.authentication.provider=BUILTIN
  derby.user.userName1=password1
  derby.user.userName2=password2

  You can also use LDAP or your own authenticator instead of BUILTIN.  For more details, you
can consult http://db.apache.org/derby/binaries/jta-WE15.pdf .

  Once you enable derby security, you will need to change the user credentials in the database
pools accrodingly.  I suggest you edit the database pools first using Admin Console, stop
the server, create derby.properties and start the server.

  ++Vamsi

  On Wed, Mar 5, 2008 at 5:08 AM, Brian Dellert <bdellert@rcn.com> wrote:

    Hi.

    I am evaluating using the Derby instance embedded in Geronimo to store application-specific
data.  The data would be stored in a separate, application-specific database.  In order to
achieve this, I would need to lock down this application-specific database so that un-authorized
processes (which did not authenticate with a username/password) would not be able to access
the database.  This could occur, since it is possible to connect to the Derby instance on
port 1527 on the machine where Geronimo is running and, by default, no username/password is
required to connect.  It should be noted that there are scenarios in my application where
authorized remote processes will need to connect to this Derby instance, so simply disabling
the Derby 'network server' is not an adequate solution.  I searched through the Geronimo documentation
and this mailing list, but could not find any info on this topic.  Any help regarding how
to configure Geronimo to meet these requirements would be greatly appreciated.  Thanks.

    - Brian



Mime
View raw message