Return-Path: 
 <derby-commits-return-18246-apmail-db-derby-commits-archive=db.apache.org@db.apache.org>
X-Original-To: apmail-db-derby-commits-archive@www.apache.org
Delivered-To: apmail-db-derby-commits-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id E8DDF11797
	for <apmail-db-derby-commits-archive@www.apache.org>;
 Mon, 19 May 2014 20:10:40 +0000 (UTC)
Received: (qmail 69049 invoked by uid 500); 19 May 2014 20:10:40 -0000
Delivered-To: apmail-db-derby-commits-archive@db.apache.org
Received: (qmail 69022 invoked by uid 500); 19 May 2014 20:10:40 -0000
Mailing-List: contact derby-commits-help@db.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:derby-commits-help@db.apache.org>
list-unsubscribe: <mailto:derby-commits-unsubscribe@db.apache.org>
List-Post: <mailto:derby-commits@db.apache.org>
Reply-To: "Derby Development" <derby-dev@db.apache.org>
List-Id: <derby-commits.db.apache.org>
Delivered-To: mailing list derby-commits@db.apache.org
Received: (qmail 69015 invoked by uid 99); 19 May 2014 20:10:40 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 19 May 2014 20:10:40 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=5.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 19 May 2014 20:10:38 +0000
Received: from eris.apache.org (localhost [127.0.0.1])
	by eris.apache.org (Postfix) with ESMTP id 97AD02388C42;
	Mon, 19 May 2014 20:09:41 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1596037 [13/13] - in /db/derby/docs/trunk: ./
 src/security/
Date: Mon, 19 May 2014 20:09:36 -0000
To: derby-commits@db.apache.org
From: chaase3@apache.org
X-Mailer: svnmailer-1.0.9
Message-Id: <20140519200941.97AD02388C42@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Added: db/derby/docs/trunk/src/security/security_os.gif
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/security_os.gif?rev=1596037&view=auto
==============================================================================
Binary file - no diff available.

Propchange: db/derby/docs/trunk/src/security/security_os.gif
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: db/derby/docs/trunk/src/security/security_os.jpg
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/security_os.jpg?rev=1596037&view=auto
==============================================================================
Binary file - no diff available.

Propchange: db/derby/docs/trunk/src/security/security_os.jpg
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: db/derby/docs/trunk/src/security/tseccsecure81850.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tseccsecure81850.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tseccsecure81850.dita (added)
+++ db/derby/docs/trunk/src/security/tseccsecure81850.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tseccsecure81850" xml:lang="en-us">
+<title>Configuring security in an embedded environment</title>
+<shortdesc>In an embedded environment, typically there is only one database
+per system, and there are no administrative resources to protect
+databases.</shortdesc>
+<prolog></prolog>
+<taskbody>
+<context>To configure security in an embedded environment:</context>
+<steps>
+<step><cmd>Encrypt the database when you create it.</cmd></step>
+<step><cmd>Configure all security features as database-level properties. 
+These properties are stored in the database (which is encrypted). See
+"Scope of properties" and "Setting database-wide properties" in the
+<ph conref="../conrefs.dita#pub/citdevelop"></ph> for more information.</cmd>
+</step>
+<step><cmd>Turn on protection for database-level properties so that they cannot
+be overridden by system properties by setting the
+<codeph>derby.database.propertiesOnly</codeph> property to true. See the
+<ph conref="../conrefs.dita#pub/citref"></ph> for details on this
+property.</cmd></step>
+<step><cmd>To prevent unauthorized users from accessing databases once they
+are booted, turn on user authentication and SQL authorization for the database.
+Use NATIVE authentication or, alternatively, LDAP or a user-defined
+class.</cmd></step>
+<step><cmd>Configure Java security for your environment.</cmd></step>
+</steps>
+<result><p>The following figure shows how disk encryption protects data when the
+recipient might not know how to protect data. It is useful for databases
+deployed in an embedded environment.</p>
+<fig expanse="column"><title>Using disk encryption to protect data</title>
+<image href="security2_os.gif" placement="break"><alt>This figure shows disk encryption between the Derby engine and the database.</alt>
+</image>
+</fig>
+</result>
+</taskbody>
+</task>

Propchange: db/derby/docs/trunk/src/security/tseccsecure81850.dita
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/docs/trunk/src/security/tseccsecure82556.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tseccsecure82556.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tseccsecure82556.dita (added)
+++ db/derby/docs/trunk/src/security/tseccsecure82556.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tseccsecure82556" xml:lang="en-us">
+<title>Configuring security in a client/server environment</title>
+<shortdesc>This procedure requires a system with multiple databases and some
+administrative resources.</shortdesc>
+<prolog></prolog>
+<taskbody>
+<steps>
+<step><cmd>Configure security features as system-level properties.</cmd>
+</step>
+<step><cmd>Provide administrative-level protection for the
+<codeph>derby.properties</codeph> file
+and <ph conref="../conrefs.dita#prod/productshortname"></ph> databases. For
+example, you can protect these files and directories with operating system
+permissions and firewalls.</cmd></step>
+<step><cmd>Turn on user authentication for your system.  All users must provide
+valid user IDs and passwords to access the 
+<ph conref="../conrefs.dita#prod/productshortname"></ph> system. Use NATIVE
+authentication (or, alternatively, LDAP or a user-defined class).</cmd>
+<info><p><note type="important">It is also strongly recommended that production
+systems protect network connections with SSL/TLS.</note></p></info>
+</step>
+<step><cmd>Configure fine-grained user authorization (SQL authorization) for
+your databases.</cmd></step>
+<step><cmd>Configure Java security for your environment.</cmd></step>
+</steps>
+<result><p>The following figure shows some of the
+<ph conref="../conrefs.dita#prod/productshortname"></ph> security mechanisms at
+work in a client/server environment. User authentication is performed by
+accessing an LDAP directory service. The data in the database is not encrypted
+in this trusted environment.</p>
+<fig expanse="column"><title>Using an LDAP directory service in a trusted
+environment</title>
+<image href="security_os.gif" placement="break"><alt>This figure shows user authentication from an LDAP directory service to the Derby engine, and user authorization to read and write data. The Derby database is a trusted environment, and the data is not encrypted.</alt>
+</image>
+</fig>
+</result>
+</taskbody>
+</task>

Propchange: db/derby/docs/trunk/src/security/tseccsecure82556.dita
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/docs/trunk/src/security/tseccsecurenewbootpw.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tseccsecurenewbootpw.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tseccsecurenewbootpw.dita (added)
+++ db/derby/docs/trunk/src/security/tseccsecurenewbootpw.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="utf-8"?>
+ 
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tseccsecurenewbootpw" xml:lang="en-us">
+<title>Encrypting databases with a new boot password</title>
+<shortdesc>You can apply a new boot password to a
+<ph conref="../conrefs.dita#prod/productshortname"></ph> database by specifying
+the <codeph>newBootPassword=<i>newPassword</i></codeph> attribute on the
+connection URL when you boot the database.</shortdesc>
+<prolog><metadata>
+<keywords>
+<indexterm>encrypting databases<indexterm>new boot password</indexterm></indexterm>
+<indexterm>databases<indexterm>encrypting, new boot password</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<taskbody>
+<prereq><ul>
+<li>If the database is configured with log archival for roll-forward recovery,
+you must disable log archival and perform a shutdown before you can encrypt the
+database with a new boot password. </li>
+<li>If any global transactions are in the prepared state after recovery, the
+database cannot be encrypted with a new boot password.</li>
+<li>If the database is currently encrypted with an external encryption key,
+<xref href="tseccsecurenewextkey.dita">use the
+<codeph>newEncryptionKey=<i>key</i></codeph> attribute</xref> to encrypt the
+database.</li>
+</ul></prereq>
+<context><p>When you use the <codeph>newBootPassword=<i>newPassword</i></codeph>
+attribute, a new encryption key is generated internally by the engine, and the
+key is protected using the new boot password. The newly generated encryption key
+encrypts the database, including the existing data. You cannot change the
+encryption provider or encryption algorithm when you apply a new boot
+password.</p>
+<p>To encrypt a database  with a new boot password:</p></context>
+<steps>
+<step><cmd>Specify the <codeph>newBootPassword=<i>newPassword</i></codeph>
+attribute in a URL and reboot the database.</cmd>
+<stepxmp>For example, if you use the following URL to reboot
+the <codeph>salesdb</codeph> database, the database is encrypted
+with the new encryption key and is protected by the password
+<codeph>new1234xyz</codeph>:
+<codeblock>jdbc:derby:salesdb;bootPassword=abc1234xyz;newBootPassword=new1234xyz</codeblock>
+</stepxmp>
+<info>
+<p>If <xref href="cseccsecure42374.dita">authentication</xref> and
+<xref href="csecauthorfine.dita#csecauthorfine">SQL authorization</xref> are
+both enabled, the credentials of the
+<xref href="cseccsecuredbowner.dita">Database Owner</xref> must be supplied as
+well, since reencryption is a restricted operation.</p>
+<p>After you change the boot password, be sure to check for
+<codeph>SQLWarning</codeph>s. The change succeeded only if there were no
+<codeph>SQLWarning</codeph>s or <codeph>SQLException</codeph>s.</p>
+<p>If you disabled log archival before you applied the new boot password, create
+a new backup of the database after the database is reconfigured with the new
+boot password. For more information, see the section "Backing up and restoring
+databases" in the <ph conref="../conrefs.dita#pub/citadmin"></ph>, particularly
+"Roll-forward recovery".</p>
+</info>
+</step>
+</steps>
+</taskbody>
+</task>

Propchange: db/derby/docs/trunk/src/security/tseccsecurenewbootpw.dita
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/docs/trunk/src/security/tseccsecurenewextkey.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tseccsecurenewextkey.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tseccsecurenewextkey.dita (added)
+++ db/derby/docs/trunk/src/security/tseccsecurenewextkey.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="utf-8"?>
+ 
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tseccsecurenewextkey" xml:lang="en-us">
+<title>Encrypting databases with a new external encryption key</title>
+<shortdesc>You can apply a new external encryption key to a
+<ph conref="../conrefs.dita#prod/productshortname"></ph> database by specifying
+the <codeph>newEncryptionKey=<i>key</i></codeph> attribute on the connection URL
+when you boot the database.</shortdesc>
+<prolog><metadata>
+<keywords>
+<indexterm>encrypting databases<indexterm>new external key</indexterm></indexterm>
+<indexterm>databases<indexterm>encrypting, new external key</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<taskbody>
+<prereq><ul>
+<li>If the database is configured with log archival for roll-forward recovery,
+you must disable log archival and perform a shutdown before you can encrypt the
+database with a new external encryption key. </li>
+<li>If any global transaction are in the prepared state after recovery, the
+database cannot be encrypted with a new encryption key.</li>
+<li>If the database is currently encrypted with a boot password,
+<xref href="tseccsecurenewbootpw.dita">use the
+<codeph>newBootPassword=<i>newPassword</i></codeph> attribute</xref> to encrypt
+the database.</li>
+</ul></prereq>
+<context><p>To encrypt a database with a new external encryption key:</p>
+</context>
+<steps>
+<step><cmd>Specify the <codeph>newEncryptionKey=<i>key</i></codeph> attribute in
+a URL and reboot the database.</cmd>
+<stepxmp>For example, if you use the following URL to reboot the
+<codeph>salesdb</codeph> database, the database is encrypted with the new
+encryption key <codeph>6862636465666768</codeph>:
+<codeblock>jdbc:derby:salesdb;encryptionKey=6162636465666768;
+newEncryptionKey=6862636465666768'</codeblock>
+</stepxmp>
+<info>
+<p>If <xref href="cseccsecure42374.dita">authentication</xref> and
+<xref href="csecauthorfine.dita#csecauthorfine">SQL authorization</xref> are
+both enabled, the credentials of the
+<xref href="cseccsecuredbowner.dita">Database Owner</xref> must be supplied as
+well, since encryption is a restricted operation.</p>
+</info>
+<info><p>After you change the encryption key, be sure to check for
+<codeph>SQLWarning</codeph>s. The change succeeded only if there were no
+<codeph>SQLWarning</codeph>s or <codeph>SQLException</codeph>s.</p>
+<p>If you disabled log archival before you applied the new encryption key,
+create a new backup of the database after the database is reconfigured with the
+new encryption key. For more information, see the section "Backing up and
+restoring databases" in the <ph conref="../conrefs.dita#pub/citadmin"></ph>,
+particularly "Roll-forward recovery".</p></info>
+</step>
+</steps>
+</taskbody>
+</task>

Propchange: db/derby/docs/trunk/src/security/tseccsecurenewextkey.dita
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/docs/trunk/src/security/tseccsecurenewkeyoverview.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tseccsecurenewkeyoverview.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tseccsecurenewkeyoverview.dita (added)
+++ db/derby/docs/trunk/src/security/tseccsecurenewkeyoverview.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="utf-8"?>
+ 
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tseccsecurenewkeyoverview" xml:lang="en-us">
+<title>Encrypting databases with a new key</title>
+<shortdesc>You can apply a new encryption key to a
+<ph conref="../conrefs.dita#prod/productshortname"></ph> database by specifying
+a new boot password or a new external key.</shortdesc>
+<prolog><metadata>
+<keywords>
+<indexterm>encrypting databases<indexterm>new key, overview</indexterm></indexterm>
+<indexterm>databases<indexterm>overview of encrypting, new key</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<taskbody>
+<context><p>Encrypting a database with a new encryption key is a time-consuming
+process because it involves encrypting all of the existing data in the database
+with the new encryption key. If the process is interrupted before completion,
+all the changes are rolled back the next time the database is booted. If the
+interruption occurs immediately after the database is encrypted with the new
+encryption key but before the connection is returned to the application, you
+might not be able to boot the database with the old encryption key. In these
+rare circumstances, you should try to boot the database with the new encryption
+key.</p>
+<note othertype="Recommendation" type="other">Ensure that you have enough free
+disk space before you encrypt a database with a new key. In addition to the disk
+space required for the current size of the database, temporary disk space is
+required to store the old version of the data to restore the database back to
+its original state if the new encryption is interrupted or returns errors. All
+of the temporary disk space is released back to the operating system after the
+database is reconfigured to work with the new encryption key.</note>
+<p>To encrypt a database with a new encryption key:</p></context>
+<steps>
+<step><cmd>Use the type of encryption that is currently used to encrypt the
+database:</cmd>
+<choices>
+<choice>To <xref href="tseccsecurenewbootpw.dita">encrypt the database with a
+new boot password key</xref>, use the
+<codeph>newBootPassword=<i>newPassword</i></codeph> attribute.</choice>
+<choice>To <xref href="tseccsecurenewextkey.dita">encrypt the database with a
+new external encryption key</xref>, use the
+<codeph>newEncryptionKey=<i>key</i></codeph> attribute.</choice>
+</choices>
+<info>If <xref href="cseccsecure42374.dita">authentication</xref> and
+<xref href="csecauthorfine.dita#csecauthorfine">SQL authorization</xref> are
+both enabled, the credentials of the
+<xref href="cseccsecuredbowner.dita">Database Owner</xref> must be supplied,
+since reencryption is a restricted operation.</info>
+</step>
+</steps>
+</taskbody>
+</task>

Propchange: db/derby/docs/trunk/src/security/tseccsecurenewkeyoverview.dita
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/docs/trunk/src/security/tseccsecureunencrypteddb.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tseccsecureunencrypteddb.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tseccsecureunencrypteddb.dita (added)
+++ db/derby/docs/trunk/src/security/tseccsecureunencrypteddb.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="utf-8"?>
+ 
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tseccsecureunencrypteddb" xml:lang="en-us">
+<title>Encrypting an existing unencrypted database</title>
+<shortdesc>You can encrypt an unencrypted
+<ph conref="../conrefs.dita#prod/productshortname"></ph> database by specifying
+attributes on the connection URL when you boot the database. The attributes that
+you specify depend on how you want the database encrypted.</shortdesc>
+<prolog><metadata>
+<keywords><indexterm>encrypting databases<indexterm>existing unencrypted databases</indexterm></indexterm>
+<indexterm>databases<indexterm>encrypting, existing unencrypted</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<taskbody>
+<prereq><ul>
+<li>If the database is configured with log archival, you must disable log
+archival and perform a shutdown before you can encrypt the database.</li>
+<li>If any global transactions are in the prepared state after
+recovery, the database cannot be encrypted.</li>
+</ul></prereq>
+<context><p>When you encrypt an existing, unencrypted database, you can specify
+whether the database should be encrypted using a boot password
+(<codeph>bootPassword=<i>key</i></codeph>) or an external encryption key
+(<codeph>encryptionKey=<i>key</i></codeph>). You can also specify the
+<codeph>encryptionProvider=<i>providerName</i></codeph> attribute and the
+<codeph>encryptionAlgorithm=<i>algorithm</i></codeph> attribute on the
+connection URL. The database is configured with the specified encryption
+attributes, and all of the existing data in the database is encrypted.</p>
+<p>See the <ph conref="../conrefs.dita#pub/citref"></ph> for details on the
+connection URL attributes.</p>
+<p>Encrypting a database is a time-consuming process because it involves
+encrypting all of the existing data in the database. If the process is
+interrupted before completion, all the changes are rolled back the next time the
+database is booted. If the interruption occurs immediately after the database is
+encrypted but before the connection is returned to the application, you might
+not be able to boot the database without the boot password or external
+encryption key. In these rare circumstances, you should try to boot the database
+with the boot password or the external encryption key.</p>
+<note othertype="Recommendation" type="other">Ensure that you have enough free
+disk space before you encrypt a database. In addition to the disk space required
+for the current size of the database, temporary disk space is required to store
+the old version of the data to restore the database back to its original state
+if the encryption is interrupted or returns errors. All of the temporary disk
+space is released back to the operating system after the database is
+encrypted.</note>
+<p>To encrypt an existing unencrypted database:</p></context>
+<steps>
+<step>
+<cmd>Specify the <codeph>dataEncryption=true</codeph> attribute and either the
+<codeph>encryptionKey=<i>key</i></codeph> attribute or the
+<codeph>bootPassword=<i>key</i></codeph> attribute in a connection URL and boot
+the database.</cmd>
+<stepxmp>For example, to encrypt the <codeph>salesdb</codeph> database with
+the boot password <codeph>abc1234xyz</codeph>, specify the following attributes
+in the URL:
+<codeblock>jdbc:derby:salesdb;dataEncryption=true;bootPassword=abc1234xyz</codeblock></stepxmp>
+<info><p>If
+<xref href="cseccsecure42374.dita">authentication</xref> and
+<xref href="csecauthorfine.dita#csecauthorfine">SQL authorization</xref>
+are both enabled, the credentials of the
+<xref href="cseccsecuredbowner.dita">Database Owner</xref> must be supplied as
+well, since encryption is a restricted operation.</p>
+<p>After you encrypt an existing, unencrypted database, be sure to check for
+<codeph>SQLWarning</codeph>s. The encryption succeeded only if there were no
+<codeph>SQLWarning</codeph>s or <codeph>SQLException</codeph>s.</p>
+<p>
+If you disabled log archival before you encrypted the database, create a new
+backup of the database after the database is encrypted. For more information,
+see the section "Backing up and restoring databases" in the
+<ph conref="../conrefs.dita#pub/citadmin"></ph>, particularly "Roll-forward
+recovery".</p></info>
+</step>
+</steps>
+</taskbody>
+</task>

Propchange: db/derby/docs/trunk/src/security/tseccsecureunencrypteddb.dita
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/docs/trunk/src/security/tsecnetservopen.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tsecnetservopen.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tsecnetservopen.dita (added)
+++ db/derby/docs/trunk/src/security/tsecnetservopen.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tsecnetservopen" xml:lang="en-us">
+<title>Running the Network Server without a security manager</title>
+<shortdesc>You may override the Network Server's default installation of a
+security manager if, for some reason, you need to run your application outside
+of the Java security protections.</shortdesc>
+<prolog><metadata>
+<keywords>
+<indexterm>Network Server<indexterm>no security manager</indexterm></indexterm>
+</keywords>
+</metadata></prolog>
+<taskbody>
+<context>
+<note othertype="" type="caution">You incur a severe security risk by opening
+up the server to all clients without limiting access via user authentication and
+a security policy.</note>
+<p>Use the <codeph>-noSecurityManager</codeph> option to force the Network
+Server to come up without a security manager. For example:</p>
+<codeblock><b>java org.apache.derby.drda.NetworkServerControl start \
+-h localhost -noSecurityManager</b></codeblock>
+</context>
+</taskbody>
+</task>

Propchange: db/derby/docs/trunk/src/security/tsecnetservopen.dita
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/docs/trunk/src/security/tsecnetservrun.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tsecnetservrun.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tsecnetservrun.dita (added)
+++ db/derby/docs/trunk/src/security/tsecnetservrun.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tsecnetservrun" xml:lang="en-us">
+<title>Running the Network Server with a security manager</title>
+<shortdesc>If you start the Network Server without specifying a security
+manager, the Network Server installs a default Java security manager that
+enforces a Basic policy.</shortdesc>
+<prolog><metadata><keywords>
+<indexterm>Network Server<indexterm>running under security manager</indexterm></indexterm>
+<indexterm>Network Server<indexterm>basic policy</indexterm></indexterm>
+</keywords></metadata></prolog>
+<taskbody>
+<context>
+<p>You are encouraged to customize this policy to fit the security needs of your
+application and its runtime environment.</p>
+<p>You may also run the Network Server without a security manager, although this
+is not recommended.</p>
+<p>The default policy is used if you boot the Network Server as your VM's entry
+point, using a command like the following:</p>
+<codeblock><b>java org.apache.derby.drda.NetworkServerControl start ...</b></codeblock>
+<p>Some of your application code may run as procedures and functions that you
+have declared using the CREATE PROCEDURE and CREATE FUNCTION statements. You
+will need to add privileged blocks to your declared procedures and functions if
+they perform sensitive operations, such as file and network I/O, classloading,
+system property reading, and the like.</p>
+<p>The Network Server attempts to install a security manager only if you start
+the server as the entry point of your VM. The Network Server will not attempt to
+install a security manager if you start the server from your application using
+the programmatic API described in "Starting the Network Server from a Java
+application" in the <ph conref="../conrefs.dita#pub/citadmin"></ph>.</p>
+</context>
+</taskbody>
+</task>

Propchange: db/derby/docs/trunk/src/security/tsecnetservrun.dita
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/docs/trunk/src/security/tsecsslclientkeycert.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tsecsslclientkeycert.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tsecsslclientkeycert.dita (added)
+++ db/derby/docs/trunk/src/security/tsecsslclientkeycert.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tsecsslclientkeycert" xml:lang="en-us">
+<title>Creating a client key pair and certificate</title>
+<shortdesc>Follow these steps to create a client key pair and a client
+certificate.</shortdesc>
+<taskbody>
+<steps>
+<step>
+<cmd>Choose a password for the key store.</cmd>
+<info><p>Suppose you choose the password
+<codeph>secretClientPassword</codeph>.</p></info>
+</step>
+<step>
+<cmd>On the client system, issue the following command to create the client's
+public/private key pair.</cmd>
+<info><p>You will be prompted to enter the password plus some identifying
+information (your input is marked <codeph><b>bold</b></codeph>):</p></info>
+<stepxmp><codeblock><b>keytool -genkey -alias MyClientName -keystore ~/vault/ClientKeyStore</b>
+Enter keystore password: <b>secretClientPassword</b>
+What is your first and last name?
+[Unknown]: <b>MyFirstName MyLastName</b>
+What is the name of your organizational unit?
+[Unknown]: <b>Proofreading Department</b>
+What is the name of your organization?
+[Unknown]: <b>Name of my bookstore</b>
+What is the name of your City or Locality?
+[Unknown]: <b>New York</b>
+What is the name of your State or Province?
+[Unknown]: <b>NY</b>
+What is the two-letter country code for this unit?
+[Unknown]: <b>US</b>
+Is CN=MyFirstName MyLastName, OU=Proofreading Department, O=Name of my bookstore, L=New York, ST=NY, C=US correct?
+[no]: <b>yes</b>
+
+
+Enter key password for &lt;MyClientName&gt;
+   (RETURN if same as keystore password):</codeblock>
+</stepxmp>
+</step>
+<step><cmd>Next, create a certificate for this client. Enter the command all on
+one line:</cmd>
+<stepxmp><codeblock><b>keytool -export -alias MyClientName \
+-keystore ~/vault/ClientKeyStore  -rfc -file ClientCertificate \
+-storepass secretClientPassword</b></codeblock>
+</stepxmp>
+<info>This command creates a file called <codeph>ClientCertificate</codeph>.
+Later, you will import this file into the server's trust store.</info>
+</step>
+</steps>
+</taskbody>
+</task>
\ No newline at end of file

Propchange: db/derby/docs/trunk/src/security/tsecsslclientkeycert.dita
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/docs/trunk/src/security/tsecsslimportcerts.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tsecsslimportcerts.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tsecsslimportcerts.dita (added)
+++ db/derby/docs/trunk/src/security/tsecsslimportcerts.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tsecsslimportcerts" xml:lang="en-us">
+<title>Importing certificates</title>
+<shortdesc>Follow these steps to import each certificate into the other's
+trust store.</shortdesc>
+<taskbody>
+<steps>
+<step>
+<cmd>On the client, import the server certificate into the client's trust
+store:</cmd>
+<stepxmp><codeblock><b>keytool -import -alias favoriteServerCertificate \
+-file ServerCertificate -keystore ~/vault/ClientTrustStore \
+-storepass secretClientTrustStorePassword</b></codeblock>
+</stepxmp>
+</step>
+<step>
+<cmd>On the server, import the client certificate into the server's trust
+store:</cmd>
+<stepxmp><codeblock><b>keytool -import -alias Client_1_Certificate \
+-file ClientCertificate -keystore ~/vault/ServerTrustStore \
+-storepass secretServerTrustStorePassword</b></codeblock>
+</stepxmp>
+</step>
+</steps>
+</taskbody>
+</task>

Propchange: db/derby/docs/trunk/src/security/tsecsslimportcerts.dita
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/docs/trunk/src/security/tsecsslserverkeycert.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/tsecsslserverkeycert.dita?rev=1596037&view=auto
==============================================================================
--- db/derby/docs/trunk/src/security/tsecsslserverkeycert.dita (added)
+++ db/derby/docs/trunk/src/security/tsecsslserverkeycert.dita Mon May 19 20:09:33 2014
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
+ "../dtd/task.dtd">
+<!-- 
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at      
+
+   http://www.apache.org/licenses/LICENSE-2.0  
+
+Unless required by applicable law or agreed to in writing, software  
+distributed under the License is distributed on an "AS IS" BASIS,  
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  
+See the License for the specific language governing permissions and  
+limitations under the License.
+-->
+<task id="tsecsslserverkeycert" xml:lang="en-us">
+<title>Creating a server key pair and certificate</title>
+<shortdesc>Follow these steps to create a server key pair and a server
+certificate.</shortdesc>
+<taskbody>
+<steps>
+<step>
+<cmd>On the server system, issue the following command to to create a server
+key pair in a key store guarded by the <codeph>secretServerPassword</codeph>
+password:</cmd>
+<stepxmp><codeblock><b>keytool -genkey -alias MyServerName -keystore ~/vault/ServerKeyStore</b>
+Enter keystore password: <b>secretServerPassword</b>
+...</codeblock>
+</stepxmp>
+</step>
+<step>
+<cmd>Issue the following command (all on one line) to create a certificate named
+<codeph>ServerCertificate</codeph> from this key:</cmd>
+<stepxmp><codeblock><b>keytool -export -alias MyServerName \
+-keystore ~/vault/ServerKeyStore -rfc -file ServerCertificate \
+-storepass secretServerPassword</b></codeblock>
+</stepxmp>
+</step>
+</steps>
+</taskbody>
+</task>

Propchange: db/derby/docs/trunk/src/security/tsecsslserverkeycert.dita
------------------------------------------------------------------------------
    svn:eol-style = native