db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John H. Embretsen (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2361) Documentation should give examples for using the different security mechanisms
Date Tue, 27 Feb 2007 19:42:05 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12476337
] 

John H. Embretsen commented on DERBY-2361:
------------------------------------------

Thank you, Kim, for working on this! I have looked through the html-output from your patch,
and it looks good to me. Nevertheless, here are a couple of nits in case you want/need to
submit another version:

- In rrefattribsecmech.html, user=userName and password=userPassword are links in the description
of value 3, but not in the description of value 4.
- cadminapps49914.html says that you need to specify both user and password when using CLEAR_TEXT_PASSWORD_SECURITY,
and user only when using USER_ONLY_SECURITY, but does not say anything about what is required
when the remaining two secMecs are used. Perhaps this is obvious to most readers (or specified
elsewhere in the manuals)?
- Perhaps it would be useful to link at least one of the topics to cadminappsclientsecurity.html
("Network client security")?


Finally, a general comment about documentation of security features...

This may have been discussed before, but in general, I think the security topics in the server&admin
guide are quite poorly organized. For example: 
  - there is the "Network client security" topic (http://db.apache.org/derby/docs/dev/adminguide/cadminappsclientsecurity.html)
under "Accessing the Network Server by using the network client driver".
  - there are the "Network Server user authentication..." topics and the "Enabling the encrypted
user ID and password security mechanism" topic under "Differences between running Derby in
embedded mode and using the Network Server" -> "User authentication differences"
  - there is the "Network Server security" topic (http://db.apache.org/derby/docs/dev/adminguide/cadminnetservsecurity.html)
under "Derby Network Server advanced topics", mentioning the host property/option only.
  - there is the "Running the Network Server under the security manager" topic in the same
section as the one above.

In addition there are several topics at various places in other manuals. I'm not surprised
that users are unable to find what they are looking for with respect to Derby Security. 

I think there should at least be one master topic for Derby security, linking to all other
sections/topics as appropriate. One idea could be to start off with a wiki page describing
the different security features of Derby (authentication, authorization, Security Manager,
etc.), linking to the relevant manual pages, and continue from there... 

> Documentation should give examples for using the different security mechanisms
> ------------------------------------------------------------------------------
>
>                 Key: DERBY-2361
>                 URL: https://issues.apache.org/jira/browse/DERBY-2361
>             Project: Derby
>          Issue Type: Improvement
>          Components: Documentation
>    Affects Versions: 10.2.2.0
>            Reporter: Andrew McIntyre
>         Assigned To: Kim Haase
>         Attachments: DERBY-2361.diff, DERBY-2361.zip, rrefattribsecmech.dita
>
>
> The Derby Server and Administration guide talks about the different security mechanisms,
but does not give examples of how these can be used via connection URLs, it only mentions
the client DataSource field names. 
> http://db.apache.org/derby/docs/10.2/adminguide/cadminapps49914.html
> The documentation should give examples of how to use the different security mechanisms
via connection URLs, and perhaps an example of how the client field names would be used programmatically.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message