db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kim Haase (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2361) Documentation should give examples for using the different security mechanisms
Date Tue, 27 Feb 2007 22:22:06 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12476421

Kim Haase commented on DERBY-2361:

Thanks for these great comments, John. You're right that these topics need a thorough reworking
-- there's a lot of duplication. Since the primary focus of the next Derby release is security,
this is a good time to do that. It probably makes sense to file a separate issue for that;
I can do it. A wiki page would be helpful for now, but it's no substitute for good organization.

As for your comments on this particular issue, 

- In rrefattribsecmech.html, user=userName and password=userPassword are links in the description
of value 3, but not in the description of value 4.

Good point. I was applying the principle of linking only to the first occurrence of each attribute,
but that makes the two descriptions inconsistent. There's another occurrence of user=userName
later, too (along with all the related-topic links at the bottom). I'll think about this.

- cadminapps49914.html says that you need to specify both user and password when using CLEAR_TEXT_PASSWORD_SECURITY,
and user only when using USER_ONLY_SECURITY, but does not say anything about what is required
when the remaining two secMecs are used. Perhaps this is obvious to most readers (or specified
elsewhere in the manuals)?

You're right, it's unclear. I think it will help if I say in the description of USER_ONLY_SECURITY
that all other mechanisms require both username and password. 

- Perhaps it would be useful to link at least one of the topics to cadminappsclientsecurity.html
("Network client security")?

Probably, although there's almost complete duplication between cadminapps49914 and this one
(another instance of the organizational problems of the admin guide). 

I'll revise the patch tomorrow. In the meantime, further suggestions are welcome. Thanks again.

> Documentation should give examples for using the different security mechanisms
> ------------------------------------------------------------------------------
>                 Key: DERBY-2361
>                 URL: https://issues.apache.org/jira/browse/DERBY-2361
>             Project: Derby
>          Issue Type: Improvement
>          Components: Documentation
>    Affects Versions:
>            Reporter: Andrew McIntyre
>         Assigned To: Kim Haase
>         Attachments: DERBY-2361.diff, DERBY-2361.zip, rrefattribsecmech.dita
> The Derby Server and Administration guide talks about the different security mechanisms,
but does not give examples of how these can be used via connection URLs, it only mentions
the client DataSource field names. 
> http://db.apache.org/derby/docs/10.2/adminguide/cadminapps49914.html
> The documentation should give examples of how to use the different security mechanisms
via connection URLs, and perhaps an example of how the client field names would be used programmatically.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message