You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@geronimo.apache.org by "John Sisson (JIRA)" <de...@geronimo.apache.org> on 2005/08/02 13:10:35 UTC

[jira] Created: (GERONIMO-842) Enhance DerbyNetworkGBean to allow secure Derby Network Client connections (once Derby is enhanced to allow secure connections).

Enhance DerbyNetworkGBean to allow secure Derby Network Client connections (once Derby is enhanced to allow secure connections).
--------------------------------------------------------------------------------------------------------------------------------

         Key: GERONIMO-842
         URL: http://issues.apache.org/jira/browse/GERONIMO-842
     Project: Geronimo
        Type: Task
  Components: core, installer  
    Versions: 1.0-M4    
    Reporter: John Sisson
     Fix For: 1.0


I have created this issue to raise awareness of the security limitations of the Network Server currently embeded in derby and to flag that the Geronimo installer/configuration tools may need to be enhanced when Derby's client security is enhanced to allow the user to configure security for the Network Server..

Currently the DerbyNetworkGBean only accepts connections from the localhost.  

Although this could be easily changed, it would not be secure even if Derby's current (version 10.1 at the time of writing) client security features are utilised.  Rather than repeating information see the mails in the thread titled "DRDA Password Encryption (SECMEC_EUSRIDPWD and SECMEC_USRENCPWD)" at:

http://mail-archives.apache.org/mod_mbox/db-derby-dev/200506.mbox/%3c20050616191041.GA5239@barbar.sun.com%3e

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

[jira] Updated: (GERONIMO-842) Enhance DerbyNetworkGBean to allow secure Derby Network Client connections (once Derby is enhanced to allow secure connections).

Posted by "Matt Hogstrom (JIRA)" <de...@geronimo.apache.org>.

     [ http://issues.apache.org/jira/browse/GERONIMO-842?page=all ]

Matt Hogstrom updated GERONIMO-842:
-----------------------------------

    Fix Version: Wish List
                     (was: 1.0)

Moving to Wish List

> Enhance DerbyNetworkGBean to allow secure Derby Network Client connections (once Derby is enhanced to allow secure connections).
> --------------------------------------------------------------------------------------------------------------------------------
>
>          Key: GERONIMO-842
>          URL: http://issues.apache.org/jira/browse/GERONIMO-842
>      Project: Geronimo
>         Type: Task
>   Components: core, installer
>     Versions: 1.0-M4
>     Reporter: John Sisson
>      Fix For: Wish List

>
> I have created this issue to raise awareness of the security limitations of the Network Server currently embeded in derby and to flag that the Geronimo installer/configuration tools may need to be enhanced when Derby's client security is enhanced to allow the user to configure security for the Network Server..
> Currently the DerbyNetworkGBean only accepts connections from the localhost.  
> Although this could be easily changed, it would not be secure even if Derby's current (version 10.1 at the time of writing) client security features are utilised.  Rather than repeating information see the mails in the thread titled "DRDA Password Encryption (SECMEC_EUSRIDPWD and SECMEC_USRENCPWD)" at:
> http://mail-archives.apache.org/mod_mbox/db-derby-dev/200506.mbox/%3c20050616191041.GA5239@barbar.sun.com%3e

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

[jira] Updated: (GERONIMO-842) Enhance DerbyNetworkGBean to allow secure Derby Network Client connections (once Derby is enhanced to allow secure connections).

Posted by "John Sisson (JIRA)" <de...@geronimo.apache.org>.

     [ http://issues.apache.org/jira/browse/GERONIMO-842?page=all ]

John Sisson updated GERONIMO-842:
---------------------------------

    Version: 1.0-M4

> Enhance DerbyNetworkGBean to allow secure Derby Network Client connections (once Derby is enhanced to allow secure connections).
> --------------------------------------------------------------------------------------------------------------------------------
>
>          Key: GERONIMO-842
>          URL: http://issues.apache.org/jira/browse/GERONIMO-842
>      Project: Geronimo
>         Type: Task
>   Components: core, installer
>     Versions: 1.0-M4
>     Reporter: John Sisson
>      Fix For: 1.0

>
> I have created this issue to raise awareness of the security limitations of the Network Server currently embeded in derby and to flag that the Geronimo installer/configuration tools may need to be enhanced when Derby's client security is enhanced to allow the user to configure security for the Network Server..
> Currently the DerbyNetworkGBean only accepts connections from the localhost.  
> Although this could be easily changed, it would not be secure even if Derby's current (version 10.1 at the time of writing) client security features are utilised.  Rather than repeating information see the mails in the thread titled "DRDA Password Encryption (SECMEC_EUSRIDPWD and SECMEC_USRENCPWD)" at:
> http://mail-archives.apache.org/mod_mbox/db-derby-dev/200506.mbox/%3c20050616191041.GA5239@barbar.sun.com%3e

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira