db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Db-derby Wiki] Update of "DerbyTenThreeRelease" by DanDebrunner
Date Thu, 22 Feb 2007 18:43:06 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Db-derby Wiki" for change notification.

The following page has been changed by DanDebrunner:
http://wiki.apache.org/db-derby/DerbyTenThreeRelease

------------------------------------------------------------------------------
  The Secure Server work ([https://issues.apache.org/jira/browse/DERBY-2196 DERBY-2196]) introduces
the following incompatibility during upgrade from release 10.2:
  
  || '''Scenario''' || '''Old behavior''' || '''New behavior''' || '''Customer needs to make
these changes...''' ||
- ||  '''Unsecure but Authorized'''|| In this scenario, !NetworkServerControl is the main
entry point for the VM and the VM starts up without a !SecurityManager. However, the customer
has turned on user authentication|| The server comes up as before. However, under the hood,
 !NetworkServerControl installs a !SecurityManager. Among      other side-effects, this may
affect the running of      customer-written procedures and functions. The customer may need
to instrument her code to run under a !SecurityManager.|| Probably the customer does not need
to do anything. However, the customer may need to bring the server up with the -noSecurityManager
flag if the !SecurityManager causes her  problems--for instance, if she does not want to instrument
the rest of her application to work under a !SecurityManager.||
+ ||  '''Unsecure with authentication'''|| In this scenario, !NetworkServerControl is the
main entry point for the VM and the VM starts up without a !SecurityManager. However, the
customer has turned on user authentication at the system level|| The server comes up as before.
However, under the hood,  !NetworkServerControl installs a !SecurityManager. Among      other
side-effects, this may affect the running of      customer-written procedures and functions.
The customer may need to instrument her code to run under a !SecurityManager.|| Probably the
customer does not need to do anything. However, the customer may need to bring the server
up with the -noSecurityManager flag if the !SecurityManager causes her  problems--for instance,
if she does not want to instrument the rest of her application to work under a !SecurityManager.||
- ||  '''Unsecure and Unauthorized'''|| In this scenario, !NetworkServerControl is the main
entry point for the VM and the VM starts up without a !SecurityManager. In addition, there
is no user authentication.|| The server fails to come up because user authentication is not
turned on.|| The customer must either turn on user authentication or bring the server up with
the -noSecurityManager flag. ||
+ ||  '''Unsecure with no authentication'''|| In this scenario, !NetworkServerControl is the
main entry point for the VM and the VM starts up without a !SecurityManager. In addition,
there is no user authentication at the system level.|| The server fails to come up because
user authentication is not turned on.|| The customer must either turn on user authentication
or bring the server up with the -noSecurityManager flag. ||
  
  
  The DBA Powers work ([https://issues.apache.org/jira/browse/DERBY-2264 DERBY-2264]) introduces
the following incompatibility during upgrade from release 10.2:
  
  ||  '''Privilege'''|| '''Previous behavior...'''|| '''Behavior after these changes when
authentication is enabled...'''|| '''Impacts...'''|| '''How to upgrade application...'''||
- ||  '''shutdown database'''|| Anyone who could connect could shutdown a database.|| A database
can be shutdown only by  its owner.|| All applications which run with authentication.|| Anyone
who must shutdown the database must connect as the Database Owner.||
+ ||  '''shutdown database'''|| Anyone who could connect could shutdown a database.|| A database
can be shutdown only by  its owner.|| All applications which run with database or system authentication.||
Anyone who must shutdown the database must connect as the Database Owner. '''Risk that the
database owner is not a valid user in the authentication scheme, typically APP''' ||
- ||  '''upgrade database'''|| Anyone who could connect could upgrade the database.|| Only
the Database Owner can upgrade the database.|| All applications which run with authentication.||
Anyone who must upgrade the database must connect as the Database Owner.||
+ ||  '''upgrade database'''|| Anyone who could connect could upgrade the database.|| Only
the Database Owner can upgrade the database.|| All applications which run with database or
system authentication.|| Anyone who must upgrade the database must connect as the Database
Owner. '''Risk that the database owner is not a valid user in the authentication scheme, typically
APP'''||
- ||  '''encrypt database'''|| Anyone who could connect could encrypt the database.|| Only
the Database Owner can encrypt or re-encrypt the database.|| All applications which run with
authentication.|| Anyone who must encrypt the database must connect as the Database Owner.||
+ ||  '''encrypt database'''|| Anyone who could connect could encrypt the database.|| Only
the Database Owner can encrypt or re-encrypt the database.|| All applications which run with
database or system authentication.|| Anyone who must encrypt the database must connect as
the Database Owner.  '''Risk that the database owner is not a valid user in the authentication
scheme, typically APP'''||
  

Mime
View raw message