db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chaa...@apache.org
Subject svn commit: r1304566 [2/2] - /db/derby/docs/trunk/src/devguide/
Date Fri, 23 Mar 2012 19:19:27 GMT
Modified: db/derby/docs/trunk/src/devguide/tdevcsecure82556.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/tdevcsecure82556.dita?rev=1304566&r1=1304565&r2=1304566&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/tdevcsecure82556.dita (original)
+++ db/derby/docs/trunk/src/devguide/tdevcsecure82556.dita Fri Mar 23 19:19:26 2012
@@ -28,27 +28,19 @@ administrative resources.</shortdesc>
 <step><cmd>Configure security features as system properties.  See
 <xref href="cdevsetprop824451.dita#cdevsetprop824451"></xref> and 
 <xref href="cdevsetprop16827.dita#cdevsetprop16827"></xref>.</cmd></step>
-<step><cmd>Provide administrative-level protection for the <i>derby.properties</i>
file
+<step><cmd>Provide administrative-level protection for the
+<codeph>derby.properties</codeph> file
 and <ph conref="../conrefs.dita#prod/productshortname"></ph> databases. For
 example, you can protect these files and directories with operating system
 permissions and firewalls.</cmd></step>
 <step><cmd>Turn on user authentication for your system.  All users must provide
-valid user IDs and passwords to access the <ph conref="../conrefs.dita#prod/productshortname"></ph>
system.
-If you are using <ph conref="../conrefs.dita#prod/productshortname"></ph>'s
-built-in users, configure users for the system in the <i>derby.properties</i>
file.
-Provide the protection for this file.</cmd>
-<info><p><note type="important"><ph conref="../conrefs.dita#prod/productshortname"></ph>'s
-built-in authentication mechanism is suitable only for development and testing
-purposes. It is strongly recommended that production systems rely on LDAP or a
-user-defined class for authentication. It is also strongly recommended that
-production systems protect network connections with SSL/TLS.</note></p></info>
+valid user IDs and passwords to access the 
+<ph conref="../conrefs.dita#prod/productshortname"></ph> system. Use NATIVE
+authentication (or, alternatively, LDAP or a user-defined class).</cmd>
+<info><p><note type="important">It is also strongly recommended that production
+systems protect network connections with SSL/TLS.</note></p></info>
 </step>
-<step><cmd>Configure user authorization for sensitive databases in your system.
- Only designated users will be able to access sensitive databases. You typically
-configure user authorization with database-level properties. It is also possible
-to configure user authorization with system-level properties. This is useful
-when you are developing systems or when all databases have the same level
-of sensitivity.</cmd></step>
+<step><cmd>Configure SQL authorization for your databases.</cmd></step>
 <step><cmd>Check and if necessary configure your Derby network security 
 according to your environment. See the section "Network client security" in the
 <cite><ph conref="../conrefs.dita#pub/citadmin"></ph></cite>.</cmd></step>



Mime
View raw message