db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Anders Morken (JIRA)" <j...@apache.org>
Subject [jira] Updated: (DERBY-963) Allow user friendly string values for security mechanism in client connection url.
Date Mon, 13 Nov 2006 09:02:38 GMT
     [ http://issues.apache.org/jira/browse/DERBY-963?page=all ]

Anders Morken updated DERBY-963:
--------------------------------

    Description: 
Overview:
DRDA spec specifies the following secmec (securitymechanism) values.
USRIDONL = 4
USRIDPWD = 3
USRSSBPWD = 8
EUSRIDPWD = 9

Currently in the client url, one would have to pass in the integer value for securityMechanism.
e.g.
ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';

when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
Constants are
ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
ClientDataSource.USER_ONLY_SECURITY (0x04)
ClientDataSource.STRONG_PASSWORD_SUBSTITUTE_SECURITY (0x08)
ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)

Add support in client to recognize the user friendly names for the securityMechanism attribute.
The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.

--------
To ensure that the old applications that were written to pass in an integer value for securityMechanism
do not break with the new client , the client should probably support both the integer values
as well as the string values.  

  was:
Overview:
DRDA spec specifies the following secmec (securitymechanism) values.
USRIDONL = 4
USRIDPWD = 3
EUSRIDPWD = 9

Currently in the client url, one would have to pass in the integer value for securityMechanism.
e.g.
ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';

when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
Constants are
ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
ClientDataSource.USER_ONLY_SECURITY (0x04)
ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)

Add support in client to recognize the user friendly names for the securityMechanism attribute.
The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.

--------
To ensure that the old applications that were written to pass in an integer value for securityMechanism
do not break with the new client , the client should probably support both the integer values
as well as the string values.  

     Derby Info:   (was: [Patch Available])

Updating description to add new the new security mechanism to the spec, and unsetting the
patch available flag. New and improved patch coming later. =)

> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
>                 Key: DERBY-963
>                 URL: http://issues.apache.org/jira/browse/DERBY-963
>             Project: Derby
>          Issue Type: Improvement
>          Components: Newcomer, Network Client
>    Affects Versions: 10.2.1.6, 10.0.2.2, 10.1.1.0, 10.1.3.1, 10.0.2.1, 10.0.2.0, 10.1.2.1
>            Reporter: Sunitha Kambhampati
>         Assigned To: Anders Morken
>            Priority: Minor
>         Attachments: DERBY-963-code-v1.patch
>
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> USRSSBPWD = 8
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism.
e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can
be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.STRONG_PASSWORD_SUBSTITUTE_SECURITY (0x08)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism
attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY,
ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for
securityMechanism do not break with the new client , the client should probably support both
the integer values as well as the string values.  

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message