ENT-2188 fix H2 insecure default configuration (#3692)

Set the "h2.allowedClasses" system property, require database password when exposing H2 server on non-localhost address, samples start H2 server by default (reintroduces the behaviour before h2Settings.address configuration option was added)
2025-06-13 04:38:19 +00:00 · 2018-08-01 11:50:42 +01:00
parent 7182542724
commit c23167f08e
19 changed files with 220 additions and 15 deletions
--- a/docs/source/example-code/build.gradle
+++ b/docs/source/example-code/build.gradle
@ -86,6 +86,7 @@ task deployNodes(type: net.corda.plugins.Cordform, dependsOn: ['jar']) {
            adminAddress "localhost:10013"
        }
        webPort 10004
+        extraConfig = ['h2Settings.address' : 'localhost:10014']
        cordapps = []
    }
    node {
@ -96,6 +97,7 @@ task deployNodes(type: net.corda.plugins.Cordform, dependsOn: ['jar']) {
            adminAddress "localhost:10016"
        }
        webPort 10007
+        extraConfig = ['h2Settings.address' : 'localhost:10017']
        cordapps = []
        rpcUsers = [
                ['username' : "user",