Therefore, if I bind a datasource into JNDI and fail to protect it via some contorted config (what we've thought of so far is facades calling runAs beans through local interfaces), any user that can authenticate and can write a Java client (or find one) can access the database directly.
I was wondering if the same is possible in Geronimo...
So key questions are:
* are datasources by default serializable (does Geronimo use something like the wls remote ref or is the raw driver datastore used?)
* can client apps access the server jndi tree?
* if yes for the previous q, is there a way to bind an object that isn't remotely accessible?
Ken.
On 15 Sep 2004, at 17:01, Dain Sundstrom wrote:
On Sep 15, 2004, at 7:11 AM, Ken Horn wrote:
Quick question on remote JNDI access.
Does the java: provider below provide remote access -- i.e. to a J2EE client app?
For security reasons, we want to be able to bind some/all resources for a given app into a JNDI tree (by any reasonable means: subtree / provider / naming convention) that cannot be accessed outside of the cluster. This will stop users who can authenticate to the container from being able to write a client app to pull (for example) a database connection out of JNDI and bypass business rules to hit the DB directly.
Ken,
I don't see how a remote client would be able to "pull" a database connection from JNDI, since a database connection is not serializable.
As for the meat of your question, I personally don't know the answer.
-dain
