[ 
https://issues.apache.org/jira/browse/DERBY-6234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13903498#comment-13903498
 ] 

Kim Haase commented on DERBY-6234:
----------------------------------

Work on this issue will involve the following changes. (I have a few questions 
here and there.)

Developer's Guide:

"Shutting down Derby or an individual database" (tdevdvlp40464.dita): remove 
note. Does the preceding paragraph need changes?

"Scope of properties" (cdevsetprop824451.dita): remove mention of BUILTIN and 
following note.

"Working with user authentication" (cdevcsecure42374.dita): remove bullet item 
and following note.

"Defining users" (cdevcsecure37817.dita): remove bullet item referencing the 
"BUILTIN Derby users" topic.

"Guest access to search for DNs" (cdevcsecure876908.dita): remove sentence and 
bullet list about when Derby does not initiate a search (mentions 
derby.user.UserName).

"BUILTIN Derby users" (cdevcsecure21547.dita): remove this topic and its 
subtopics "Database-level properties" (cdevcsecure864642.dita) and 
"System-level properties" (cdevcsecure864692.dita).

"List of user authentication properties" (rdevcsecure557.dita): remove mention 
of BUILTIN in second row; row on derby.user.UserName property; and note at end.

Reference Manual:

"Derby properties" (crefproper22250.dita): remove link to derby.user.UserName 
topic.

"derby.authentication.builtin.algorithm" (rrefproperbuiltinalgorithm.dita): 
remove mention of BUILTIN authentication.

"derby.authentication.builtin.iterations" (rrefproperiterations.dita): remove 
mention of BUILTIN authentication.

"derby.authentication.builtin.saltLength" (rrefpropersaltlength.dita): remove 
mention of BUILTIN authentication.

"derby.authentication.provider" (rrefproper13766.dita): removed bullet item on 
BUILTIN.

Are the topics "SYSCS_UTIL.SYSCS_SET_USER_ACCESS system procedure" 
(rrefsetuseraccess.dita), "derby.database.fullAccessUsers" 
(rrefproper25025.dita), and "derby.database.readOnlyAccessUsers" 
(rrefproper39325.dita) relevant to non-BUILTIN authentication? The Developer's 
Guide says they are not relevant "if you use SQL authorization (the default 
with NATIVE authentication)". Are they relevant to LDAP or class-based 
authentication? (There are some Dev Guide topics that mention these properties 
also.)

"derby.user.UserName" (rrefproper27355.dita): remove this topic and its 
subtopic, "Caching user DNs" (rrefpropercachedn.dita).

"derby.authentication.ldap.searchFilter" (rrefproper37341.dita): remove mention 
of derby.user property value.


> Remove references to BUILTIN authentication from the user guides
> ----------------------------------------------------------------
>
>                 Key: DERBY-6234
>                 URL: https://issues.apache.org/jira/browse/DERBY-6234
>             Project: Derby
>          Issue Type: Improvement
>          Components: Documentation
>    Affects Versions: 10.11.0.0
>            Reporter: Rick Hillegas
>            Assignee: Kim Haase
>
> BUILTIN authentication is a scheme suitable only for regression tests. Many 
> security problems make it inappropriate for production use. To avoid 
> confusion and prevent users from selecting this insecure authentication 
> scheme, we should remove references to it from our user documentation.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
