db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick Hillegas <rick.hille...@gmail.com>
Subject Re: any security how to guides for a hybrid derby setup?
Date Tue, 11 Dec 2018 18:34:38 GMT
For SSL/TLS protected connections, Derby relies on the SSL/TLS support 
provided by the JVM. So this is a JVM-configuration question. Here is 
the top answer which I get when I google for "application specific 
keystore in multi-tenant java jvm": 

Hope this helps,

On 12/11/18 6:20 AM, Alex O'Ree wrote:
> The derby security guide for enabling tls connection supports only 
> loading the keystore location/password from the global system 
> properties. Is there a way to provide this programmatically? I'd 
> rather not define this setting globally within the jvm as it's shared 
> with tomcat and a number of other components.
> There is a NetworkServerControl#getCurrentProperties() method. Can i 
> inject the javax.net.ssl properties through there before starting the 
> server?
> On Mon, Nov 26, 2018 at 7:10 PM Rick Hillegas <rick.hillegas@gmail.com 
> <mailto:rick.hillegas@gmail.com>> wrote:
>     On 11/26/18 3:58 PM, Alex O'Ree wrote:
>     > My primary use case is to use an embedded derby within my webapp
>     for
>     > storage and whatnot. I also have another requirement to provide
>     > localhost (and possible remote access) to the database via jdbc
>     > connection. I know how to get derby up and running
>     programmatically in
>     > embedded mode and with the network connection, however I'm not
>     super
>     > sure how to wire up authentication, permissions, ssl/tls, etc. Is
>     > there a guide somewhere for configuring this?
>     Hi Alex,
>     The Derby Security Guide should have all the information you need:
>     http://db.apache.org/derby/docs/10.14/security/index.html
>     Hope this helps,
>     -Rick

View raw message