db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew McIntyre" <mcintyr...@gmail.com>
Subject Re: Security in Derby
Date Wed, 21 Feb 2007 17:29:20 GMT
On 2/21/07, Kim Haase <Camilla.Haase@sun.com> wrote:
> It seems that you can configure the network server in three different ways?
>
> 1) Setting the derby.drda.securityMechanism property on the command
> line, in the derby.properties file, or in the .bat or .ksh file, as
> documented in
> http://db.apache.org/derby/docs/dev/adminguide/adminguide-single.html#tadminconfigsettingnetwrokserverproperties

Note that this is to be set on the server side only, and restricts the
server to accepting connections from clients only with the specified
security mechanism.

Also, it might be nice to have a reference to these server properties
in the tuning guide where all the other properties are mentioned so
that there's a complete listing of the properties in one place.

> 2) In a JDBC program, calling the
> org.apache.derby.jdbc.ClientDataSource.setSecurityMechanism method
>
> 3) Specifying the connection URL property securityMechanism

Note that these two are for specifying the security mechanism for the
connection client side.

> But with the last one it seems you have to use a numeric literal? This
> seems unfortunate. I wonder if that is why it is not documented?

I'm not clear on the reason for the lack of documentation, but I agree
it is unfortunate. I've opened DERBY-2361 for adding documentation for
the connection URLs. See also DERBY-963 for changing the client to use
text names instead of numbers to match (1) and (2).

andrew

Mime
View raw message