This should solve my problem. Thanks for the prompt repsonse. - Brian ----- Original Message ----- From: Vamsavardhana Reddy To: [email protected] Sent: Wednesday, March 05, 2008 12:46 AM Subject: Re: Configuring embedded Derby security in Geronimo 2.0.2
you will need to create derby.properties under var/derby directory. The properties file will look like the following. derby.connection.requireAuthentication=true derby.authentication.provider=BUILTIN derby.user.userName1=password1 derby.user.userName2=password2 You can also use LDAP or your own authenticator instead of BUILTIN. For more details, you can consult http://db.apache.org/derby/binaries/jta-WE15.pdf . Once you enable derby security, you will need to change the user credentials in the database pools accrodingly. I suggest you edit the database pools first using Admin Console, stop the server, create derby.properties and start the server. ++Vamsi On Wed, Mar 5, 2008 at 5:08 AM, Brian Dellert <[EMAIL PROTECTED]> wrote: Hi. I am evaluating using the Derby instance embedded in Geronimo to store application-specific data. The data would be stored in a separate, application-specific database. In order to achieve this, I would need to lock down this application-specific database so that un-authorized processes (which did not authenticate with a username/password) would not be able to access the database. This could occur, since it is possible to connect to the Derby instance on port 1527 on the machine where Geronimo is running and, by default, no username/password is required to connect. It should be noted that there are scenarios in my application where authorized remote processes will need to connect to this Derby instance, so simply disabling the Derby 'network server' is not an adequate solution. I searched through the Geronimo documentation and this mailing list, but could not find any info on this topic. Any help regarding how to configure Geronimo to meet these requirements would be greatly appreciated. Thanks. - Brian
