db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sunitha Kambhampati (JIRA)" <derby-...@db.apache.org>
Subject [jira] Resolved: (DERBY-198) Add Support for network Server USRIDONL security
Date Tue, 31 May 2005 19:24:56 GMT
     [ http://issues.apache.org/jira/browse/DERBY-198?page=all ]
Sunitha Kambhampati resolved DERBY-198:

    Resolution: Fixed

This fix was committed  with revision 160439 a while ago.

The general flow is
client sends ACCSEC with CodePoint.SECMEC as SECMEC_USRIDONL (4) to use userid only security.
In the ACCSECRD the server sends secmec as SECMEC_USRIDONL which means it supports this security
Then client sends SECCHK sending only USRID
The server sends a SECCHKRM as normal after validating the userid. This is actually done by
trying to obtain a connection from the database.

Changes that went in
-- Recognize CodePoint.SECMEC_USRIDONL sent in for CodePoint.SECMEC as part of the ACCSEC
command (DRDAConnThread#parseACCSEC)
-- validate if the right parameters are sent for SECMEC_USRIDONL
Since this code is sent in cases when the security token is invalid as well as when it is
-- Changes to parseSECCHK to check for only the userid to support SECMEC_USRIDONL 
-- Changes to Database#makeConnection to take care of a null password 

> Add Support for network Server USRIDONL security
> ------------------------------------------------
>          Key: DERBY-198
>          URL: http://issues.apache.org/jira/browse/DERBY-198
>      Project: Derby
>         Type: Improvement
>   Components: Network Server
>     Versions:
>     Reporter: Kathey Marsden
>     Assignee: Sunitha Kambhampati
>     Priority: Minor
>      Fix For:
>  Attachments: Derby198.diff
> Currently Network Server supports only two security mechanisms.
> User ID and password  (usridpwd)
> User ID and encrypted password (eusridpwd)
> It would be good to add support for  User ID Only security so that it could more closely
match the embedded driver and not always require a password.
> See details of security mechanism implementations in section of 
> DRDA V3 Vol. 1: Distributed Relational Database Architecture 
> http://www.opengroup.org/dbiop/

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

View raw message