[
https://issues.apache.org/jira/browse/DERBY-6234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13903510#comment-13903510
]
Kim Haase commented on DERBY-6234:
----------------------------------
Thanks, Rick!
The topic "Setting the default connection access mode" says of the
derby.database.defaultConnectionMode property that "If you use SQL
authorization (the default with NATIVE authentication), you typically do not
use this property."
The topic "Setting access for individual users" says of the
derby.database.fullAccessUsers and derby.database.readOnlyAccessUsers
properties that "If you use SQL authorization (the default with NATIVE
authentication), you typically do not use these properties."
Maybe I should remove those sentences? I'm not sure how they got in there. They
do pretty much contradict what the "User authorizations" topic says.
> Remove references to BUILTIN authentication from the user guides
> ----------------------------------------------------------------
>
> Key: DERBY-6234
> URL: https://issues.apache.org/jira/browse/DERBY-6234
> Project: Derby
> Issue Type: Improvement
> Components: Documentation
> Affects Versions: 10.11.0.0
> Reporter: Rick Hillegas
> Assignee: Kim Haase
>
> BUILTIN authentication is a scheme suitable only for regression tests. Many
> security problems make it inappropriate for production use. To avoid
> confusion and prevent users from selecting this insecure authentication
> scheme, we should remove references to it from our user documentation.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
