[
https://issues.apache.org/jira/browse/DERBY-6234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13907522#comment-13907522
]
Kim Haase commented on DERBY-6234:
----------------------------------
For LDAP, can derby.user.UserName be set at the system level or only at the
database level? That is, does "locally" mean within the database only? The
examples show database-only settings. This may mean that the subtopics of
cdevcsecure21547.dita should actually be removed.
I am planning to get rid of the "Caching user DNs" subtopic
(rrefpropercachedn.dita) and move any information that isn't already provided
there into the derby.user.UserName topic.
> Remove references to BUILTIN authentication from the user guides
> ----------------------------------------------------------------
>
> Key: DERBY-6234
> URL: https://issues.apache.org/jira/browse/DERBY-6234
> Project: Derby
> Issue Type: Improvement
> Components: Documentation
> Affects Versions: 10.11.0.0
> Reporter: Rick Hillegas
> Assignee: Kim Haase
> Attachments: DERBY-6234.diff, DERBY-6234.stat, DERBY-6234.zip
>
>
> BUILTIN authentication is a scheme suitable only for regression tests. Many
> security problems make it inappropriate for production use. To avoid
> confusion and prevent users from selecting this insecure authentication
> scheme, we should remove references to it from our user documentation.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
