db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Db-derby Wiki] Update of "DerbyTenThreeRelease" by RichardHillegas
Date Thu, 22 Feb 2007 20:02:46 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Db-derby Wiki" for change notification.

The following page has been changed by RichardHillegas:
http://wiki.apache.org/db-derby/DerbyTenThreeRelease

------------------------------------------------------------------------------
  The Secure Server work ([https://issues.apache.org/jira/browse/DERBY-2196 DERBY-2196]) introduces
the following incompatibility during upgrade from release 10.2:
  
  || '''Scenario''' || '''Old behavior''' || '''New behavior''' || '''Customer needs to make
these changes...''' ||
- ||  '''Unsecure with authentication'''|| In this scenario, !NetworkServerControl is the
main entry point for the VM and the VM starts up without a !SecurityManager. However, the
customer has turned on user authentication at the system level|| The server comes up as before.
However, under the hood,  !NetworkServerControl installs a !SecurityManager. Among      other
side-effects, this may affect the running of      customer-written procedures and functions.
The customer may need to instrument her code to run under a !SecurityManager.|| Probably the
customer does not need to do anything. However, the customer may need to bring the server
up with the -noSecurityManager flag if the !SecurityManager causes her  problems--for instance,
if she does not want to instrument the rest of her application to work under a !SecurityManager.||
+ ||  '''Unsecure with authentication'''|| In this scenario, !NetworkServerControl is the
main entry point for the VM and the VM starts up without a !SecurityManager. However, the
customer has set the system property derby.connection.requireAuthentication=true|| The server
comes up as before. However, under the hood,  !NetworkServerControl installs a !SecurityManager.
This may affect the running of customer-written procedures and functions. For instance, it
may affect whether application code can perform sensitive operations like file i/o, system-property-reading,
classloading, etc.. The customer may need to add privileged blocks to her code so that the
application can run under a !SecurityManager.|| Probably the customer does not need to do
anything. However, the customer may need to bring the server up with the -noSecurityManager
flag if the !SecurityManager causes her  problems--for instance, if she does not want to add
privileged blocks to her procedures and functions.||
- ||  '''Unsecure with no authentication'''|| In this scenario, !NetworkServerControl is the
main entry point for the VM and the VM starts up without a !SecurityManager. In addition,
there is no user authentication at the system level.|| The server fails to come up because
user authentication is not turned on.|| The customer must either turn on user authentication
or bring the server up with the -noSecurityManager flag. ||
+ ||  '''Unsecure with no authentication'''|| In this scenario, !NetworkServerControl is the
main entry point for the VM and the VM starts up without a !SecurityManager. In addition,
the system property derby.connection.requireAuthentication is not set to true|| The server
fails to come up because user authentication is not turned on.|| The customer must either
turn on user authentication or bring the server up with the -noSecurityManager flag. ||
  
  
  The DBA Powers work ([https://issues.apache.org/jira/browse/DERBY-2264 DERBY-2264]) introduces
the following incompatibility during upgrade from release 10.2:

Mime
View raw message