Mailing-List: contact derby-commits-help@db.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Derby Development" <derby-dev@db.apache.org>
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Apache Wiki <wikidiffs@apache.org>
To: derby-commits@db.apache.org
Date: Thu, 22 Feb 2007 20:02:46 -0000
Message-ID: <20070222200246.6636.18233@eos.apache.osuosl.org>
Subject: [Db-derby Wiki] Update of "DerbyTenThreeRelease" by RichardHillegas

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Db-derby Wiki" for change notification.

The following page has been changed by RichardHillegas:
http://wiki.apache.org/db-derby/DerbyTenThreeRelease

------------------------------------------------------------------------------
  The Secure Server work ([https://issues.apache.org/jira/browse/DERBY-2196 DERBY-2196]) introduces the following incompatibility during upgrade from release 10.2:
  
  || '''Scenario''' || '''Old behavior''' || '''New behavior''' || '''Customer needs to make these changes...''' ||
- ||  '''Unsecure with authentication'''|| In this scenario, !NetworkServerControl is the main entry point for the VM and the VM starts up without a !SecurityManager. However, the customer has turned on user authentication at the system level|| The server comes up as before. However, under the hood,  !NetworkServerControl installs a !SecurityManager. Among      other side-effects, this may affect the running of      customer-written procedures and functions. The customer may need to instrument her code to run under a !SecurityManager.|| Probably the customer does not need to do anything. However, the customer may need to bring the server up with the -noSecurityManager flag if the !SecurityManager causes her  problems--for instance, if she does not want to instrument the rest of her application to work under a !SecurityManager.||
+ ||  '''Unsecure with authentication'''|| In this scenario, !NetworkServerControl is the main entry point for the VM and the VM starts up without a !SecurityManager. However, the customer has set the system property derby.connection.requireAuthentication=true|| The server comes up as before. However, under the hood,  !NetworkServerControl installs a !SecurityManager. This may affect the running of customer-written procedures and functions. For instance, it may affect whether application code can perform sensitive operations like file i/o, system-property-reading, classloading, etc.. The customer may need to add privileged blocks to her code so that the application can run under a !SecurityManager.|| Probably the customer does not need to do anything. However, the customer may need to bring the server up with the -noSecurityManager flag if the !SecurityManager causes her  problems--for instance, if she does not want to add privileged blocks to her procedures and functions.||
- ||  '''Unsecure with no authentication'''|| In this scenario, !NetworkServerControl is the main entry point for the VM and the VM starts up without a !SecurityManager. In addition, there is no user authentication at the system level.|| The server fails to come up because user authentication is not turned on.|| The customer must either turn on user authentication or bring the server up with the -noSecurityManager flag. ||
+ ||  '''Unsecure with no authentication'''|| In this scenario, !NetworkServerControl is the main entry point for the VM and the VM starts up without a !SecurityManager. In addition, the system property derby.connection.requireAuthentication is not set to true|| The server fails to come up because user authentication is not turned on.|| The customer must either turn on user authentication or bring the server up with the -noSecurityManager flag. ||
  
  
  The DBA Powers work ([https://issues.apache.org/jira/browse/DERBY-2264 DERBY-2264]) introduces the following incompatibility during upgrade from release 10.2: