db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kim Haase (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-6234) Remove references to BUILTIN authentication from the user guides
Date Mon, 17 Feb 2014 20:50:19 GMT

    [ https://issues.apache.org/jira/browse/DERBY-6234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13903498#comment-13903498
] 

Kim Haase commented on DERBY-6234:
----------------------------------

Work on this issue will involve the following changes. (I have a few questions here and there.)

Developer's Guide:

"Shutting down Derby or an individual database" (tdevdvlp40464.dita): remove note. Does the
preceding paragraph need changes?

"Scope of properties" (cdevsetprop824451.dita) remove mention of BUILTIN and following note.

"Working with user authentication" (cdevcsecure42374.dita): remove bullet item and following
note.

"Defining users" (cdevcsecure37817.dita): remove bullet item referencing the "BUILTIN Derby
users" topic.

"Guest access to search for DNs" (cdevcsecure876908.dita): remove sentence and bullet list
about when Derby does not initiate a search (mentions derby.user.UserName).

"BUILTIN Derby users" (cdevcsecure21547.dita): remove this topic and its subtopics "Database-level
properties" (cdevcsecure864642.dita) and "System-level properties" (cdevcsecure864692.dita).

"List of user authentication properties" (rdevcsecure557.dita): remove mention of BUILTIN
in second row; row on derby.user.UserName property; and note at end.

Reference Manual:

"Derby properties" (crefproper22250.dita): remove link to derby.user.UserName topic.

"derby.authentication.builtin.algorithm" (rrefproperbuiltinalgorithm.dita): remove mention
of BUILTIN authentication.

"derby.authentication.builtin.iterations" (rrefproperiterations.dita): remove mention of BUILTIN
authentication.

"derby.authentication.builtin.saltLength" (rrefpropersaltlength.dita): remove mention of BUILTIN
authentication.

"derby.authentication.provider" (rrefproper13766.dita): removed bullet item on BUILTIN.

Are the topics "SYSCS_UTIL.SYSCS_SET_USER_ACCESS system procedure" (rrefsetuseraccess.dita),
 "derby.database.fullAccessUsers" (rrefproper25025.dita), and "derby.database.readOnlyAccessUsers"
(rrefproper39325.dita) relevant to non-BUILTIN authentication? The Developer's Guide says
they are not relevant "if you use SQL authorization (the default with NATIVE authentication)".
Are they relevant to LDAP or class-based authentication? (There are some Dev Guide topics
that mention these properties also.)

"derby.user.UserName" (rrefproper27355.dita): remove this topic and its subtopic, "Caching
user DNs" (rrefpropercachedn.dita).

"derby.authentication.ldap.searchFilter" (rrefproper37341.dita): remove mention of derby.user
property value.


> Remove references to BUILTIN authentication from the user guides
> ----------------------------------------------------------------
>
>                 Key: DERBY-6234
>                 URL: https://issues.apache.org/jira/browse/DERBY-6234
>             Project: Derby
>          Issue Type: Improvement
>          Components: Documentation
>    Affects Versions: 10.11.0.0
>            Reporter: Rick Hillegas
>            Assignee: Kim Haase
>
> BUILTIN authentication is a scheme suitable only for regression tests. Many security
problems make it inappropriate for production use. To avoid confusion and prevent users from
selecting this insecure authentication scheme, we should remove references to it from our
user documentation.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message