Hi, I think normally it's not a security problem to remember the user name. But I see in your case it might not be nice.
Did you try making the file ".h2.server.properties" read-only, as suggested? Regards, Thomas On Saturday, May 19, 2012, Dinusha Dilrukshi wrote: > HI, > > I looked into H2 source code and found that this is some excepted behavior > in DB Console where it sorted the last recently used connections in a > configuration file called .h2.server.properties. Other than this file , > HashMap has used to hold the recently accessed connection details. When H2 > Console getting loaded it first look in this connection HashMap, if it's > size is not zero then recent access connections are loaded to Console from > this Map, if it's size is zero then it loads the properties (driver, > jdbcUrl, user) from aforementioned configuration property file > '.h2.server.properties'. Therefore this is an obvious behavior in DB > Console where it is designed to be. > > Unfortunately this behavior is not designed where we can easily disable by > setting some configuration property. I have modified the H2 source code to > remove this behavior as we wanted. But I would like to know the possibility > of adding this as a configurable feature in future releases where we can > enable/disable by using configuration parameter. (set > store_last_recently_used_connections=true/false) . > > WDYT ? > > Regards, > Dinusha. > > > > On Thu, May 17, 2012 at 6:04 PM, Christoph Läubrich > <[email protected]<javascript:_e({}, 'cvml', '[email protected]');> > > wrote: > >> ** >> You can try to make this file read only. >> >> Am 17.05.2012 13:49, schrieb Dinusha Dilrukshi: >> >> Hi , >> >> I could able to found that this happens due to last recently used >> connections are saved in configuration file called ".h2.server.properties". >> Is there a way to disable this file being updated with those recent >> connection details ? >> >> Regards, >> Dinusha. >> >> >> >> On Thu, May 17, 2012 at 2:32 PM, Dinusha Dilrukshi < >> [email protected] <javascript:_e({}, 'cvml', >> '[email protected]');>> wrote: >> >>> Hi, >>> >>> We are using H2 db console to explore different databases and used by >>> different users. But each time it shows the last logged in user >>> details (except the password) even it is accessing by different user. >>> This is something not good in security vice. >>> >>> Could any one point me to relevant code where we can get fix it since >>> this it something urgent for us or is it possible to fix this for next >>> release. >>> >>> Regards, >>> Dinusha. >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "H2 Database" group. >> To post to this group, send email to >> [email protected]<javascript:_e({}, 'cvml', >> '[email protected]');> >> . >> To unsubscribe from this group, send email to >> [email protected] <javascript:_e({}, 'cvml', >> '[email protected]');>. >> For more options, visit this group at >> http://groups.google.com/group/h2-database?hl=en. >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "H2 Database" group. >> To post to this group, send email to >> [email protected]<javascript:_e({}, 'cvml', >> '[email protected]');> >> . >> To unsubscribe from this group, send email to >> [email protected] <javascript:_e({}, 'cvml', >> 'h2-database%[email protected]');>. >> For more options, visit this group at >> http://groups.google.com/group/h2-database?hl=en. >> > > -- > You received this message because you are subscribed to the Google Groups > "H2 Database" group. > To post to this group, send email to > [email protected]<javascript:_e({}, 'cvml', > '[email protected]');> > . > To unsubscribe from this group, send email to > [email protected] <javascript:_e({}, 'cvml', > 'h2-database%[email protected]');>. > For more options, visit this group at > http://groups.google.com/group/h2-database?hl=en. > -- You received this message because you are subscribed to the Google Groups "H2 Database" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/h2-database?hl=en.
