db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From scotsmat...@apache.org
Subject svn commit: r521448 - in /db/derby/docs/trunk/src: adminguide/cadminapps49914.dita adminguide/cadminapps811631.dita adminguide/cadminapps811656.dita ref/refderby.ditamap ref/rrefattribsecmech.dita
Date Thu, 22 Mar 2007 20:34:32 GMT
Author: scotsmatrix
Date: Thu Mar 22 13:34:31 2007
New Revision: 521448

URL: http://svn.apache.org/viewvc?view=rev&rev=521448
Log:
DERBY-2361: Added the new attribute for securityMechanism was added, examples improved, and
topic titles clarified. Patch derby-2361-4.diff contributed by Kim Haase.

Added:
    db/derby/docs/trunk/src/ref/rrefattribsecmech.dita   (with props)
Modified:
    db/derby/docs/trunk/src/adminguide/cadminapps49914.dita
    db/derby/docs/trunk/src/adminguide/cadminapps811631.dita
    db/derby/docs/trunk/src/adminguide/cadminapps811656.dita
    db/derby/docs/trunk/src/ref/refderby.ditamap

Modified: db/derby/docs/trunk/src/adminguide/cadminapps49914.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/cadminapps49914.dita?view=diff&rev=521448&r1=521447&r2=521448
==============================================================================
--- db/derby/docs/trunk/src/adminguide/cadminapps49914.dita (original)
+++ db/derby/docs/trunk/src/adminguide/cadminapps49914.dita Thu Mar 22 13:34:31 2007
@@ -22,28 +22,28 @@
 <prolog><metadata>
 <keywords><indexterm>User authentication differences<indexterm>and Network
 Server</indexterm></indexterm><indexterm>Network Server<indexterm>user
authentication
-and</indexterm></indexterm><indexterm>org.apache.derby.jdbc.ClientDataSource.
-CLEAR_TEXT_ PASSWORD_SECURITY</indexterm><indexterm>Security properties<indexterm>supported
+and</indexterm></indexterm><indexterm>org.apache.derby.jdbc.ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY</indexterm><indexterm>Security
properties<indexterm>supported
 by Network Server</indexterm></indexterm><indexterm>Network Server<indexterm>supported
-security properties</indexterm></indexterm><indexterm>org.apache.derby.jdbc.ClientDataSource.
-USER_ONLY_SECURITY</indexterm><indexterm>org.apache.derby.jdbc.ClientDataSource.
-ENCRYPTED_USER_AND_ PASSWORD_SECURITY</indexterm></keywords>
+security properties</indexterm></indexterm><indexterm>org.apache.derby.jdbc.ClientDataSource.USER_ONLY_SECURITY</indexterm>
+<indexterm>org.apache.derby.jdbc.ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY</indexterm>
+<indexterm>org.apache.derby.jdbc.ClientDataSource.STRONG_PASSWORD_SUBSTITUTE_SECURITY</indexterm></keywords>
 </metadata></prolog>
 <conbody>
 <p>When running <ph conref="adminconrefs.dita#prod/productshortname"></ph>
in
 embedded mode or when using the <ph conref="adminconrefs.dita#prod/productshortname"></ph>
Network
 Server, you can enable or disable server-side user authentication. However,
-when using the Network Server, the default security mechanism (<codeph>CLEAR_TEXT_PASSWORD</codeph>)
+when using the Network Server, the default security mechanism (<codeph>CLEAR_TEXT_PASSWORD_SECURITY</codeph>)
 requires that you supply both the user name and password.</p>
 <p>In addition to the default user name and password security mechanism, <i>org.apache.derby.jdbc.ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY,
</i
 > <ph conref="adminconrefs.dita#prod/productshortname"></ph> Network Server
 supports the following security properties:</p>
 <ul>
-<li><i>UserID  (org.apache.derby.jdbc.ClientDataSource.USER_ONLY_SECURITY)</i>
- <p>When using this mechanism, you must specify only the user property.</p></li>
-<li><i>Encrypted UserID and encrypted password (org.apache.derby.jdbc.ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY)</i>
  <p>When using this mechanism, both password and
+<li>UserID  (<i>org.apache.derby.jdbc.ClientDataSource.USER_ONLY_SECURITY</i>)
+<p>When using this mechanism, you must specify only the <codeph>user</codeph>
property.
+All other mechanisms require you to specify both the user name and the password.</p></li>
+<li>Encrypted UserID and encrypted password (<i>org.apache.derby.jdbc.ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY</i>)
   <p>When using this mechanism, both password and
 user id are encrypted.</p></li>
-<li><i>Strong password substitution (org.apache.derby.jdbc.ClientDataSource.STRONG_PASSWORD_SUBSTITUTE_SECURITY)</i>
+<li>Strong password substitution (<i>org.apache.derby.jdbc.ClientDataSource.STRONG_PASSWORD_SUBSTITUTE_SECURITY</i>)
 <p>When using this mechanism, a strong password substitute is generated and 
 used to authenticate the user with the network server. The original password is 
 never sent in any form across the network.</p></li>
@@ -53,7 +53,19 @@
 more information on schema and user names.</p>
 <p>If you specify any other security mechanism, you will receive an exception.</p>
 <p>To change the default, you can specify another security mechanism either
-as a property or on the URL (using the securityMechanism attribute) when making
-the connection.</p>
+as a property or on the URL (using the <codeph>securityMechanism=value</codeph>
attribute) when making
+the connection. For details, see
+<xref href="cadminappsclientsecurity.dita#cadminappsclientsecurity"></xref> and
+"securityMechanism=value attribute" in the 
+<ph conref="adminconrefs.dita#pub/citref"></ph>.</p>
+<p>Whether the security mechanism you specify for the client actually takes
+effect depends upon the setting of the 
+<codeph>derby.drda.securityMechanism</codeph> property for the Network Server.

+If the <codeph>derby.drda.securityMechanism</codeph> property is set, the 
+Network Server accepts only connections that use the security mechanism 
+specified by the property setting. If the 
+<codeph>derby.drda.securityMechanism</codeph> property is not set, clients can
+use any valid security mechanism. For details, see 
+<xref href="radmindrdasecmechanism.dita#radmindrdasecmechanism"></xref>.</p>
 </conbody>
 </concept>

Modified: db/derby/docs/trunk/src/adminguide/cadminapps811631.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/cadminapps811631.dita?view=diff&rev=521448&r1=521447&r2=521448
==============================================================================
--- db/derby/docs/trunk/src/adminguide/cadminapps811631.dita (original)
+++ db/derby/docs/trunk/src/adminguide/cadminapps811631.dita Thu Mar 22 13:34:31 2007
@@ -17,9 +17,17 @@
 -->
 <!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN" "../dtd/concept.dtd">
 <concept xml:lang="en-us" id="cadminapps811631">
-<title>Network Server user authentication when user authentication is on in Derby</title>
+<title>Security mechanism options when user authentication is enabled on the 
+Network Server</title>
 <prolog>
 </prolog>
 <conbody>
-<p>When user authentication is enabled in <ph conref="adminconrefs.dita#prod/productshortname"></ph>,
you can either use the default security mechanism (user name and password) or you can specify
that the security mechanism be encrypted user and password.</p>
+<p>When user authentication is enabled in 
+<ph conref="adminconrefs.dita#prod/productshortname"></ph>, you can use any of
+the following security mechanisms:</p>
+<ul>
+<li>Clear text user name and password security, the default</li>
+<li>Strong password substitute security </li>
+<li>Encrypted user name and password security</li>
+</ul>
 </conbody></concept>

Modified: db/derby/docs/trunk/src/adminguide/cadminapps811656.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/cadminapps811656.dita?view=diff&rev=521448&r1=521447&r2=521448
==============================================================================
--- db/derby/docs/trunk/src/adminguide/cadminapps811656.dita (original)
+++ db/derby/docs/trunk/src/adminguide/cadminapps811656.dita Thu Mar 22 13:34:31 2007
@@ -17,8 +17,8 @@
 -->
 <!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN" "../dtd/concept.dtd">
 <concept xml:lang="en-us" id="cadminapps811656">
-<title>Network Server user authentication when user authentication is off
-in Derby</title>
+<title>Security mechanism options when user authentication is disabled on the 
+Network Server</title>
 <prolog>
 </prolog>
 <conbody>

Modified: db/derby/docs/trunk/src/ref/refderby.ditamap
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/refderby.ditamap?view=diff&rev=521448&r1=521447&r2=521448
==============================================================================
--- db/derby/docs/trunk/src/ref/refderby.ditamap (original)
+++ db/derby/docs/trunk/src/ref/refderby.ditamap Thu Mar 22 13:34:31 2007
@@ -582,6 +582,8 @@
 </topicref>
 <topicref href="rrefrollforward.dita" navtitle="rollForwardRecoveryFrom=path attribute">
 </topicref>
+<topicref href="rrefattribsecmech.dita" navtitle="securityMechanism=value attribute">
+</topicref>
 <topicref href="rrefattrib16471.dita" navtitle="shutdown=true attribute">
 </topicref>
 <topicref href="rrefattrib56769.dita" navtitle="territory=ll_CC attribute">

Added: db/derby/docs/trunk/src/ref/rrefattribsecmech.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/rrefattribsecmech.dita?view=auto&rev=521448
==============================================================================
--- db/derby/docs/trunk/src/ref/rrefattribsecmech.dita (added)
+++ db/derby/docs/trunk/src/ref/rrefattribsecmech.dita Thu Mar 22 13:34:31 2007
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="utf-8"?>
+ 
+<!DOCTYPE reference PUBLIC "-//OASIS//DTD DITA Reference//EN"
+ "../dtd/reference.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<reference id="rrefattribsecmech" xml:lang="en-us">
+<title>securityMechanism=value attribute</title>
+<prolog><metadata>
+<keywords><indexterm>securityMechanism=value attribute</indexterm>
+<indexterm>databases<indexterm>attributes, security mechanism</indexterm></indexterm>
+<indexterm>attributes<indexterm>securityMechanism</indexterm></indexterm></keywords>
+</metadata></prolog>
+<refbody>
+<section><title>Function</title><p>Specifies a security mechanism

+for client access to the Network Server. The <i>value</i> is numeric.</p>

+<p>Valid numeric values are:</p>
+<!-- (Kim - March 2007) The values are out of numeric order because the last
+two are defaults that users don't need to specify; they're present for 
+completeness only. -->
+<ul>
+<li><codeph><b>8</b></codeph>, which specifies Strong Password
Substitute security. If 
+you specify this mechanism, a strong password substitute is generated and used 
+to authenticate the user with the network server. The original password is 
+never sent in any form across the network.</li>
+<li><codeph><b>9</b></codeph>, which specifies Encrypted UserID
and Encrypted Password 
+security. If you specify this mechanism, both the user ID and the password are 
+encrypted. See "Enabling the encrypted user ID and password security mechanism" 
+in the <ph conref="refconrefs.dita#pub/citadmin"></ph> for additional 
+requirements for the use of this security mechanism.</li>
+<li><codeph><b>3</b></codeph>, which specifies Clear Text Password
security. Clear 
+Text Password security is the default if you do not specify the 
+<i>securityMechanism</i> attribute and you specify both the 
+<i><xref href="rrefattrib10035.dita#rrefattrib10035">user=userName</xref></i>

+and
+<i><xref href="rrefattrib42686.dita#rrefattrib42686">password=userPassword</xref></i>

+attributes.</li>
+<li><codeph><b>4</b></codeph>, which specifies User Only security.
User Only security 
+is the default if you do not specify the <i>securityMechanism</i> attribute and

+you specify the 
+<i><xref href="rrefattrib10035.dita#rrefattrib10035">user=userName</xref></i>

+attribute but not the 
+<i><xref href="rrefattrib42686.dita#rrefattrib42686">password=userPassword</xref></i>
+attribute.</li>
+</ul>
+</section>
+<section><title>Combining with other attributes</title> 
+<p>The <i>securityMechanism</i> attribute must be combined with the 
+<i><xref href="rrefattrib10035.dita#rrefattrib10035">user=userName</xref></i>

+attribute.</p>
+</section>
+<example><title>Example</title>
+<codeblock><b><ph>-- specify Strong Password Substitute security</ph>
+jdbc:derby://localhost/mydb;user=myuser;password=mypassword;securityMechanism=8</b></codeblock>
</example>
+</refbody>
+</reference>

Propchange: db/derby/docs/trunk/src/ref/rrefattribsecmech.dita
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message