On 4/12/13 3:49 PM, Al Eridani wrote:
This may not be possible out-of-the-box, but here it goes, in case
someone can help.
We have an application that uses Derby with a single database and,
until now, with no authentication.
The application can be configured to start Derby with either the
embedded or client data sources. The client data source is not needed
by the application, but it is useful to remotely monitor the data.
We would like to require authentication only for remote users, not the
application. Alternatively, we could live with requiring
authentication when the application boots Derby using the client data
source, but not when using the embedded data source.
The documentation does not address this. Does anybody have any ideas?
Thanks!
Al
Hi Al,
I don't know any way to do this purely within Derby's public API.
However, you could write your own custom authenticator which checks to
see whether the DRDAConnThread class appears on the stack returned by
Thread.getStackTrace(). DRDAConnThread will only appear on the stack if
you are authenticating a network connection request. Note that there are
no guarantees that this will work in future revs of Derby; however,
DRDAConnThread has been around for 7 years and no-one has suggested
removing it.
Hope this helps,
-Rick
