[jira] Commented: (GERONIMO-4296) Start Derby NetworkServerControl with credentials to prevent unauthorized shutdowns

Wed, 16 Dec 2009 20:58:50 -0800 

    [ 
https://issues.apache.org/jira/browse/GERONIMO-4296?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12791785#action_12791785
 ] 

Han Hong Fang commented on GERONIMO-4296:
-----------------------------------------

Here is the default derby user information. 

User: dbadim 
Password: manager 
Group: derbyadmin 

This user is used by Geronimo modules when operating with Derby. The user name 
and group name of default derby user can NOT be changed, but the default 
password can with following steps. 

1. Start Geronimo server
2. Change password of dbadmin in console >security > Users and Groups portlet 
3. Change the user password in existing datasources in console > Services > 
Database pools portlet 
4. Shutdown Geronimo server 
5. Change the userPassword attribute of DerbyNetwork GBean in 
var\config\config.xml 
6. Restart Geronimo server 

> Start Derby NetworkServerControl with credentials to prevent unauthorized 
> shutdowns
> -----------------------------------------------------------------------------------
>
>                 Key: GERONIMO-4296
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4296
>             Project: Geronimo
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: databases
>    Affects Versions: 2.0.3, 2.1.3, 2.1.4, 2.2
>            Reporter: Donald Woods
>            Assignee: Donald Woods
>            Priority: Minor
>             Fix For: Wish List
>
>
> Use the new NetworkServerControl support in Derby 10.4.1.3 and later to start 
> our embedded Derby server with credentials, to prevent any other apps on 
> localhost from stopping our Derby instance.  The following Derby release note 
> details the scenario and the new API -
> http://db.apache.org/derby/releases/release-10.4.1.3.html#Note+for+DERBY-3585
> We could either use random uid/pwd values to start the Derby server, which 
> would be the most secure, but would keep other apps from using our Derby 
> server.  The other option, would be to set uid/pwd GBean attributes and 
> default the to the default system/manager values and leave it up to the user 
> to change them.
> Note:  This may also require some Samples, Testsuite and Portlet chagnes to 
> handle the required DB auth.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to