you will need to create derby.properties under var/derby directory. The properties file will look like the following. derby.connection.requireAuthentication=true derby.authentication.provider=BUILTIN derby.user.userName1=password1 derby.user.userName2=password2
You can also use LDAP or your own authenticator instead of BUILTIN. For more details, you can consult http://db.apache.org/derby/binaries/jta-WE15.pdf . Once you enable derby security, you will need to change the user credentials in the database pools accrodingly. I suggest you edit the database pools first using Admin Console, stop the server, create derby.properties and start the server. ++Vamsi On Wed, Mar 5, 2008 at 5:08 AM, Brian Dellert <[EMAIL PROTECTED]> wrote: > Hi. > > I am evaluating using the Derby instance embedded in Geronimo to store > application-specific data. The data would be stored in a separate, > application-specific database. In order to achieve this, I would need to > lock down this application-specific database so that un-authorized processes > (which did not authenticate with a username/password) would not be able to > access the database. This could occur, since it is possible to connect to > the Derby instance on port 1527 on the machine where Geronimo is running > and, by default, no username/password is required to connect. It should be > noted that there are scenarios in my application where authorized remote > processes will need to connect to this Derby instance, so simply disabling > the Derby 'network server' is not an adequate solution. I searched through > the Geronimo documentation and this mailing list, but could not find any > info on this topic. Any help regarding how to configure Geronimo to meet > these requirements would be greatly appreciated. Thanks. > > - Brian > >
