db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-5769) Notes deprecating BUILTIN authentication need fixing
Date Fri, 18 May 2012 13:36:07 GMT

    [ https://issues.apache.org/jira/browse/DERBY-5769?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13278800#comment-13278800

Rick Hillegas commented on DERBY-5769:

Thanks for the patch, Kim. Looks good. One comment:


If authentication is turned on, then credentials are required in order to shut down the engine.
This is true for LDAP and application-supplied authentication as well as for NATIVE and BUILTIN.
Also, database-specific credentials cannot be used to shut down the engine. Only system-wide
credentials can be used for this purpose. So I would change the third paragraph to say this:

"If you have enabled user authentication at the system level, you will need to specify credentials
(that is, username and password) in order to shut down a Derby system, and the supplied username
and password must also be defined at the system level."


> Notes deprecating BUILTIN authentication need fixing
> ----------------------------------------------------
>                 Key: DERBY-5769
>                 URL: https://issues.apache.org/jira/browse/DERBY-5769
>             Project: Derby
>          Issue Type: Bug
>          Components: Documentation
>    Affects Versions:
>            Reporter: Kim Haase
>            Assignee: Kim Haase
>         Attachments: DERBY-5769.diff, DERBY-5769.stat, DERBY-5769.zip
> In reviewing a DERBY-5767 patch, Rick Hillegas noticed that in the derby.authentication.provider
topic, "In the second, longer paragraph of the BUILTIN bullet, we recommend LDAP and user-supplied
schemes as alternatives to BUILTIN, but we don't recommend NATIVE. Did we decide to not recommend
NATIVE here or should this be adjusted to include it beside the other safe schemes? Thanks."
> In several topics, the notes were not modified to recommend NATIVE authentication the
same way they were elsewhere: "It is strongly recommended that production systems rely on
NATIVE authentication, an external directory service such as LDAP, or a user-defined class
for authentication." These notes need to be tidied up.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message