Ashish Jain <[email protected]> writes: > derby.connection.requireAuthentication=true.
Setting this property in derby.properties makes it a system-wide property, cf. your issue with shutting down the server. You could also make it a database level property (it would then only protect access for that one database, but not server shutdown, I think). If you really want a system level property for derby.connection.requireAuthentication=true, you need to either use derby.properties or set a system wide property as long as you stick with Derby's built-in users. Note that Derby's built-in users system isn't recommended for production, cf. the caveat in: http://db.apache.org/derby/docs/10.6/devguide/cdevcsecure21547.html Hope this helps, Dag > > Following this I had used system call's something as follows: > "CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('derby.user.test','test123');" > to provide secure access to database. > > Till this everything works fine. > > Next I utilize the NetworkServerControl api to start and stop a Network > Server. A Network Server > is created as follows--> NetworkServerControl(address, port). Start is fine. > However during network.shutdown() > I see the following exception: > > java.sql.SQLException: Connection authentication failure occurred. > Reason: Invalid authentication.. > at org.apache.derby.impl.drda.NetworkServerControlImpl. > throwSQLException(Unknown Source) > at org.apache.derby.impl.drda.NetworkServerControlImpl. > consolePropertyMessageWork(Unknown Source) > at org.apache.derby.impl.drda.NetworkServerControlImpl. > consolePropertyMessage(Unknown Source) > at org.apache.derby.impl.drda.NetworkServerControlImpl. > wrapSQLError(Unknown Source) > at org.apache.derby.impl.drda.NetworkServerControlImpl. > readResult(Unknown Source) > at org.apache.derby.impl.drda.NetworkServerControlImpl.shutdown > (Unknown Source) > at org.apache.derby.drda.NetworkServerControl.shutdown(Unknown > > This exception is legitimate since I do not provide any credentials to > create a Network Server and this also > helps to prevent server shutdown from any unauthorised personnel. I am able > to avoid this using the following > 2 steps: > > 1) Add derby.user.test=test123 is derby.properties file. > 2) create a Network Server Control object using > NetworkServerControl(address, port,"test","test123"); > > However I am not happy with this kind of solution because of the following: > 1) I had to set a system wide property that is "derby.user.test=test123". > 2) The password appears in plain text. > 3) I have to hard code the username/password while creating a > NetworkServerControl object. > > How can I avoid the above situation so that I > a) do not need to set password in plain text > b) do not need to set system wide properties > c) No hard coding username/password while creating a network server control > object. > > Kindly help!! > > Thanks > Ashish --
