db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Martin Zaun (JIRA)" <j...@apache.org>
Subject [jira] Updated: (DERBY-3585) Document user authentication support for network server shutdown
Date Wed, 02 Apr 2008 00:01:24 GMT

     [ https://issues.apache.org/jira/browse/DERBY-3585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Martin Zaun updated DERBY-3585:

    Attachment: releaseNote.html

> I found with some experimenting that it also worked to use the user/password constructor
for start. e.g.
>    NetworkServerControl nscauth = new NetworkServerControl(user, password);
>    nscauth.start();
>    ...
>    nscauth.shutdown();
> Is that an acceptable workaround?

Definitely, and I meant this to be covered by list item #2. But since this is a major use
case, I made it explicit and updated the releaseNote.html.

Hope this makes it clearer.

> Are there plans for the future to add authentication checks to start? 

That makes sense to me, though it would introduce a few more (minor) usage incompatibilities.

In any case we should address the asymmetry of requiring user credentials to shutdown a server
but not to start one.

While we could relax the credentials requirement for shutdown, it appears easiest to me to
have but one rule: when running with user authentication, users need to provide credentials
to be able to do any server administration action.

Note that there is another post 10.4 brainstorming item of how to reconcile certificate-based
authentication scheme (JMX) with user/password requirements (dual or single logins).

> Document user authentication support for network server shutdown
> ----------------------------------------------------------------
>                 Key: DERBY-3585
>                 URL: https://issues.apache.org/jira/browse/DERBY-3585
>             Project: Derby
>          Issue Type: Sub-task
>          Components: Documentation
>            Reporter: Martin Zaun
>            Assignee: Martin Zaun
>             Fix For:
>         Attachments: releaseNote.html, releaseNote.html
> As part of the System Privileges work in DERBY-2109, the support of user authentication
for network server shutdown was discussed, implemented, and committed (revision 632502).
> In order to address a security issue (missing user authentication for shutdown), this
feature introduces a few incompatibilities with the usage of NetworkServerControl, which need
to be documented.
> This JIRA is to provide for the user documentation and the release notes describing the
usage changes and incompatibilities.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message