db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sunitha Kambhampati <ksunitha...@gmail.com>
Subject Re: [jira] Commented: (DERBY-962) Upgrade default security mechanism in client to use encrypted userid password if client can support it.
Date Fri, 17 Feb 2006 01:41:07 GMT
Bryan Pendleton (JIRA) wrote:

>    [ http://issues.apache.org/jira/browse/DERBY-962?page=comments#action_12366521 ] 
>
>Bryan Pendleton commented on DERBY-962:
>---------------------------------------
>
>I agree, Sunitha. If the user says something like:
>
>connect 'jdbc:derby://localhost:1527/testdb;create=true;securityMechanism=4;user=bryan;password=bryan';

>
>we should not quietly change the securityMechanism to 3 and quietly send the password
in the clear. That's a bad default to have.
>
>  
>
Thanks Bryan for your input. 

Sunitha.

Mime
View raw message