This week's book giveaway is in the OCAJP forum.
We're giving away four copies of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) and have Khalid A Mughal & Rolf W Rasmussen on-line!
See this thread for details.
Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

DataSource lookup from remote swing client

 
dima chkh
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have app on Glassfish server with remote EJBs, which use JPA for database query.
I discovery that unauthorized users can lookup preconfigured DataSource on Glassfish server.
how can I protect DataSource from unauthorized users?
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • Likes 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You could secure your JNDI name space, secure the JVM with standard J2 security, or use a firewall to stop the JNDI traffic from remote clients. Or all of the above.
 
dima chkh
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Paul , can you post some link about JVM security options? it is possible to create authorization module with realm, like it is in EJB.
for example use my costum realm for user authorization to use my JNDI DataSource.


thanks !
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic