Re: Best Practices - Securing an Enterprise application using JBOSS & Postgres

From: Craig Ringer <craig(at)postnewspapers(dot)com(dot)au>
To: eyal edri <eyal(dot)edri(at)gmail(dot)com>
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: Best Practices - Securing an Enterprise application using JBOSS & Postgres
Date: 2011-06-08 09:33:16
Message-ID: 4DEF41DC.4050403@postnewspapers.com.au
Lists: pgsql-general

On 8/06/2011 3:18 PM, eyal edri wrote:
> What settings would you recommend for using postgres in an enterprise
> application together with jboss?

Most such applications have the database servers on an isolated network
only accessible to the app server, not to the wider world. In these
cases you'd usually limit the IP range(s) the database servers will
accept connections from, firewall them off, and use a decent auth scheme
like md5 or Kerberos. I suspect that most configurations use md5 auth
for simplicity, and it's a reasonable choice.

Kerberos is certainly stronger and should be used if your database
server and app server are not on the same machine and your network has
Kerberos infrastructure already deployed. I wouldn't bother rolling out
Kerberos just for PostgreSQL and PgJDBC.

In smaller configurations the database is often on the same machine as
the app server and set to only listen on the loopback address
(127.0.0.1). In this case md5 auth is more than sufficient.

Because most app servers use a single username and password to connect
to the database and provide a pool of connections, there isn't much
advantage to using LDAP or other directory auth schemes. It's really
intended for situations where you already have a user directory and you
want users in it to all have direct logins to the database system. In an
application server you'd usually configure the *app* *server* to auth
users against LDAP, using fixed credentials unrelated to the logged in
user for its database connections behind the scenes.

Certificate auth with SSL is useful, but probably not necessary or
worthwhile for an app server environment.

I'd stick to md5 unless you're already used to Kerberos and have
Kerberos infrastructure.

--
Craig Ringer

Tech-related writing at http://soapyfrogs.blogspot.com/
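The advice above comes down to two properties of pg_hba.conf: a narrow ADDRESS column (the app server's range, or nothing but Unix sockets) and md5 or Kerberos (gss/sspi) rather than trust or cleartext passwords in the METHOD column. The following is an added example, not code from Craig's message or from the PostgreSQL project: a small pg_hba.conf linter in Python that flags entries violating either point, run against a constructed weak configuration and its hardened counterpart. The column layout and method names are PostgreSQL's own; the /24 and /64 "tight enough" thresholds, the sample addresses and the appdb/appuser names are assumptions made for the example. scram-sha-256 (added in PostgreSQL 10) is treated the same as md5 so the check also applies to current releases.

```python
"""pg_hba.conf linter (added example, not part of the original post).

Flags entries that contradict the thread's advice: wide ADDRESS ranges and
authentication methods that let anyone in or put a password on the wire.
"""
import ipaddress

# Constructed sample configurations for this example. Addresses, database
# and user names are invented; the file format is PostgreSQL's.
WEAK_HBA = """\
# TYPE  DATABASE  USER      ADDRESS        METHOD
local   all       all                      trust
host    all       all       0.0.0.0/0      md5
host    all       all       10.1.2.0       255.255.0.0  password
host    appdb     appuser   10.1.2.5/32    md5
"""

HARDENED_HBA = """\
# TYPE  DATABASE  USER      ADDRESS        METHOD
local   all       postgres                 peer
host    appdb     appuser   10.1.2.5/32    md5
hostssl appdb     appuser   10.1.2.6/32    gss
"""

# Assumed policy: anything broader than these prefixes is not "the app
# server's address range" any more.
MIN_PREFIX_V4 = 24
MIN_PREFIX_V6 = 64

# Methods where the client sends the password itself; without hostssl it
# crosses the network in clear. md5/scram-sha-256/gss/sspi/cert do not.
CLEARTEXT_METHODS = {"password", "ldap", "pam", "radius"}


def parse_hba(text):
    """Yield (lineno, type, database, user, address, method) per entry.

    address is an ip_network for CIDR or address+netmask forms, the keyword
    or hostname string otherwise, and None for 'local' entries.
    """
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        f = line.split()
        if f[0] == "local":
            if len(f) < 4:
                raise ValueError(f"line {lineno}: malformed local entry")
            yield lineno, f[0], f[1], f[2], None, f[3]
            continue
        if f[0] not in ("host", "hostssl", "hostnossl") or len(f) < 5:
            raise ValueError(f"line {lineno}: malformed entry {line!r}")
        addr, rest = f[3], f[4:]
        if "/" in addr:                        # CIDR form: 10.1.2.0/24
            network = ipaddress.ip_network(addr, strict=False)
        else:
            try:                               # netmask form: 10.1.2.0 255.255.255.0
                ipaddress.ip_address(rest[0])
                network = ipaddress.ip_network(f"{addr}/{rest[0]}", strict=False)
                rest = rest[1:]
            except ValueError:                 # samehost/samenet keyword or hostname
                network = addr
        if not rest:
            raise ValueError(f"line {lineno}: missing METHOD")
        yield lineno, f[0], f[1], f[2], network, rest[0]


def lint(text):
    """Return a list of human-readable findings for the given pg_hba.conf text."""
    findings = []
    for lineno, ctype, db, user, net, method in parse_hba(text):
        where = f"line {lineno} ({ctype} {db} {user})"
        if method == "trust":
            findings.append(f"{where}: 'trust' admits any matching client with no authentication")
        elif method in CLEARTEXT_METHODS and ctype != "hostssl":
            findings.append(f"{where}: '{method}' sends the password in clear; use hostssl or md5/gss")
        elif method == "peer" and ctype != "local":
            findings.append(f"{where}: 'peer' only works for local (Unix-socket) connections")
        if isinstance(net, (ipaddress.IPv4Network, ipaddress.IPv6Network)):
            limit = MIN_PREFIX_V4 if net.version == 4 else MIN_PREFIX_V6
            if net.prefixlen == 0:
                findings.append(f"{where}: {net} accepts connections from anywhere; restrict to the app servers")
            elif net.prefixlen < limit:
                findings.append(f"{where}: {net} is broader than /{limit}; narrow it to the app server hosts")
    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_HBA), ("hardened", HARDENED_HBA)):
        results = lint(text)
        print(f"{name}: {len(results)} finding(s)")
        for item in results:
            print("  " + item)
```

The weak sample produces four findings (trust on the local line, 0.0.0.0/0 on the md5 line, and both a /16 range and a cleartext method on the password line); the hardened sample, which is what the post describes for an app server on a separate host, produces none. Pair it with listen_addresses = 'localhost' in postgresql.conf for the single-machine case the post mentions, where the host lines are not needed at all.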
