db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Knut Anders Hatlen <Knut.Hat...@Sun.COM>
Subject Re: Password encryption in 10.3 by default?
Date Tue, 21 Aug 2007 18:42:09 GMT
David Van Couvering <david@vancouvering.com> writes:

> Hi, all.  Someone asked me if things have changed around password
> encryption in 10.3 - is there some form of encryption by default, or
> is the default still to send the password in the clear?  I scanned the
> "what's new" section of the release page but couldn't find anything
> definitive...

Hi David,

It is my understanding that you still need to add the securityMechanism
attribute to the connection URL in order to get password encryption.

http://db.apache.org/derby/docs/dev/ref/rrefattribsecmech.html:

  Clear Text Password security is the default if you do not specify the
  securityMechanism attribute and you specify both the user=userName and
  password=userPassword attributes.

-- 
Knut Anders

Mime
View raw message