aspose file tools*
The moose likes EJB and other Java EE Technologies and the fly likes DataSource lookup from remote swing client Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "DataSource lookup from remote swing client" Watch "DataSource lookup from remote swing client" New topic
Author

DataSource lookup from remote swing client

dima chkh
Greenhorn

Joined: Nov 22, 2010
Posts: 2
I have app on Glassfish server with remote EJBs, which use JPA for database query.
I discovery that unauthorized users can lookup preconfigured DataSource on Glassfish server.
how can I protect DataSource from unauthorized users?
Paul Sturrock
Bartender

Joined: Apr 14, 2004
Posts: 10336

You could secure your JNDI name space, secure the JVM with standard J2 security, or use a firewall to stop the JNDI traffic from remote clients. Or all of the above.


JavaRanch FAQ HowToAskQuestionsOnJavaRanch
dima chkh
Greenhorn

Joined: Nov 22, 2010
Posts: 2
Paul , can you post some link about JVM security options? it is possible to create authorization module with realm, like it is in EJB.
for example use my costum realm for user authorization to use my JNDI DataSource.


thanks !
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: DataSource lookup from remote swing client