[jira] Resolved: (DERBY-198) Add Support for network Server USRIDONL security

Tue, 31 May 2005 12:25:19 -0700 

     [ http://issues.apache.org/jira/browse/DERBY-198?page=all ]
     
Sunitha Kambhampati resolved DERBY-198:
---------------------------------------

    Resolution: Fixed

This fix was committed  with revision 160439 a while ago.
_________

The general flow is
client sends ACCSEC with CodePoint.SECMEC as SECMEC_USRIDONL (4) to use userid 
only security.
In the ACCSECRD the server sends secmec as SECMEC_USRIDONL which means it 
supports this security mechanism
Then client sends SECCHK sending only USRID
The server sends a SECCHKRM as normal after validating the userid. This is 
actually done by trying to obtain a connection from the database.

Changes that went in
-- Recognize CodePoint.SECMEC_USRIDONL sent in for CodePoint.SECMEC as part of 
the ACCSEC command (DRDAConnThread#parseACCSEC)
-- validate if the right parameters are sent for SECMEC_USRIDONL
-- Change the constant SECCHKCD_SECTKNMISSING to 
SECCHKCD_SECTKNMISSING_OR_INVALID for clarity. Since this code is sent in cases 
when the security token is invalid as well as when it is missing.
-- Changes to parseSECCHK to check for only the userid to support 
SECMEC_USRIDONL 
-- Changes to Database#makeConnection to take care of a null password 



> Add Support for network Server USRIDONL security
> ------------------------------------------------
>
>          Key: DERBY-198
>          URL: http://issues.apache.org/jira/browse/DERBY-198
>      Project: Derby
>         Type: Improvement
>   Components: Network Server
>     Versions: 10.1.0.0
>     Reporter: Kathey Marsden
>     Assignee: Sunitha Kambhampati
>     Priority: Minor
>      Fix For: 10.1.0.0
>  Attachments: Derby198.diff
>
> Currently Network Server supports only two security mechanisms.
> User ID and password  (usridpwd)
> User ID and encrypted password (eusridpwd)
> It would be good to add support for  User ID Only security so that it could 
> more closely match the embedded driver and not always require a password.
> See details of security mechanism implementations in section 4.4.2.1 of 
> DRDA V3 Vol. 1: Distributed Relational Database Architecture 
> http://www.opengroup.org/dbiop/

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

Reply via email to