geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy" <c1vams...@gmail.com>
Subject Re: Configuring embedded Derby security in Geronimo 2.0.2
Date Thu, 06 Mar 2008 06:28:18 GMT
Do reply once your issue is resolved or if you need more help.

++Vamsi

On Thu, Mar 6, 2008 at 3:00 AM, Brian Dellert <bdellert@rcn.com> wrote:

>  This should solve my problem.  Thanks for the prompt repsonse.
>
> - Brian
>
> ----- Original Message -----
> *From:* Vamsavardhana Reddy <c1vamsi1c@gmail.com>
> *To:* user@geronimo.apache.org
> *Sent:* Wednesday, March 05, 2008 12:46 AM
> *Subject:* Re: Configuring embedded Derby security in Geronimo 2.0.2
>
> you will need to create derby.properties under var/derby directory.  The
> properties file will look like the following.
> derby.connection.requireAuthentication=true
> derby.authentication.provider=BUILTIN
> derby.user.userName1=password1
> derby.user.userName2=password2
>
> You can also use LDAP or your own authenticator instead of BUILTIN.  For
> more details, you can consult
> http://db.apache.org/derby/binaries/jta-WE15.pdf .
>
> Once you enable derby security, you will need to change the user
> credentials in the database pools accrodingly.  I suggest you edit the
> database pools first using Admin Console, stop the server, create
> derby.properties and start the server.
>
> ++Vamsi
> On Wed, Mar 5, 2008 at 5:08 AM, Brian Dellert <bdellert@rcn.com> wrote:
>
> >  Hi.
> >
> > I am evaluating using the Derby instance embedded in Geronimo to store
> > application-specific data.  The data would be stored in a separate,
> > application-specific database.  In order to achieve this, I would need to
> > lock down this application-specific database so that un-authorized processes
> > (which did not authenticate with a username/password) would not be able to
> > access the database.  This could occur, since it is possible to connect to
> > the Derby instance on port 1527 on the machine where Geronimo is running
> > and, by default, no username/password is required to connect.  It should be
> > noted that there are scenarios in my application where authorized remote
> > processes will need to connect to this Derby instance, so simply disabling
> > the Derby 'network server' is not an adequate solution.  I searched through
> > the Geronimo documentation and this mailing list, but could not find any
> > info on this topic.  Any help regarding how to configure Geronimo to meet
> > these requirements would be greatly appreciated.  Thanks.
> >
> > - Brian
> >
> >
>
>

Mime
View raw message