db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Deepa Remesh" <drem...@gmail.com>
Subject Re: [jira] Commented: (DERBY-928) Add ability to network server to accept connections with a certain security mechanism.
Date Mon, 27 Feb 2006 22:43:44 GMT
Hi Sunitha,

I went through the patch and it looks good. However, the patch
(testSecMec.java file) does not apply cleanly to the latest trunk
revision. Please upload a new version of the patch and I'll take a
relook.

Minor comments:

1. In testSecMec.java, it would be good to update the comment for
runTest method to say something like pass/fail depends on the value of
securityMechanism specified for the server. It would be nice to have
your table in the html file
http://issues.apache.org/jira/secure/attachment/12322971/Derby928_Table_SecurityMechanisms..htm
or a pointer to it somewhere in here to show the different
combinations of url/security mechanisms and expected results.

2. Since the masters in DerbyNet and DerbyNetClient for the new test
sysinfo_withproperties are identical, it would be good to have just
one master file in the main master folder.

I have been trying to put this comment in JIRA but I am getting some
problem in rendering. So sending the mail to derby-dev.

Thanks,
Deepa

On 2/14/06, Sunitha Kambhampati (JIRA) <derby-dev@db.apache.org> wrote:
>     [ http://issues.apache.org/jira/browse/DERBY-928?page=comments#action_12366439 ]
>
> Sunitha Kambhampati commented on DERBY-928:
> -------------------------------------------
>
> I was looking at the sysinfo information that we print from the server and this also
prints information about the properties related to the server.  I will update the patch to
ensure information about this new property derby.drda.securityMechanism also gets reflected
when calling sysinfo from server.
>
> > Add ability to network server to accept connections with a certain security mechanism.
> > --------------------------------------------------------------------------------------
> >
> >          Key: DERBY-928
> >          URL: http://issues.apache.org/jira/browse/DERBY-928
> >      Project: Derby
> >         Type: New Feature
> >   Components: Network Server
> >     Reporter: Sunitha Kambhampati
> >     Assignee: Sunitha Kambhampati
> >      Fix For: 10.2.0.0
> >  Attachments: Derby928.diff.txt, Derby928.stat.txt, Derby928_Table_SecurityMechanisms..htm
> >
> > Currently the network server has support for the following security mechanisms
> > 1) USRIDONL (userid only),
> > 2) USRIDPWD (clear text userid and password),
> > 3) EUSRIDPWD (encrypted userid and password).
> > Thus the #3 encrypted userid and password security mechanism is secure with respect
to the userid/password sent across the wire.  Currently there is no way to setup the network
server to ensure that it accepts connections coming in at a certain security mechanism.  
It seems reasonable & useful to have a server want to accept connections from clients
with a particular security mechanism (e.g  lets say encrypted userid/password and reject usridpwd
ie clear text userid and password)
> > This jira will add support for this by adding a property to enable the server to
be able to accept connections from clients with a certain security mechanism.
> > --------------------
> > I actually couldnt find if a rank was given to the security mechanisms in the drda
spec.  If it were so, then maybe a property for setting the minimum security mechanism accepted
by the server would be appropriate.
>
> --
> This message is automatically generated by JIRA.
> -
> If you think it was sent incorrectly contact one of the administrators:
>    http://issues.apache.org/jira/secure/Administrators.jspa
> -
> For more information on JIRA, see:
>    http://www.atlassian.com/software/jira
>
>

Mime
View raw message