Hi Sunitha, I went through the patch and it looks good. However, the patch (testSecMec.java file) does not apply cleanly to the latest trunk revision. Please upload a new version of the patch and I'll take a relook.
Minor comments: 1. In testSecMec.java, it would be good to update the comment for runTest method to say something like pass/fail depends on the value of securityMechanism specified for the server. It would be nice to have your table in the html file http://issues.apache.org/jira/secure/attachment/12322971/Derby928_Table_SecurityMechanisms..htm or a pointer to it somewhere in here to show the different combinations of url/security mechanisms and expected results. 2. Since the masters in DerbyNet and DerbyNetClient for the new test sysinfo_withproperties are identical, it would be good to have just one master file in the main master folder. I have been trying to put this comment in JIRA but I am getting some problem in rendering. So sending the mail to derby-dev. Thanks, Deepa On 2/14/06, Sunitha Kambhampati (JIRA) <[email protected]> wrote: > [ > http://issues.apache.org/jira/browse/DERBY-928?page=comments#action_12366439 ] > > Sunitha Kambhampati commented on DERBY-928: > ------------------------------------------- > > I was looking at the sysinfo information that we print from the server and > this also prints information about the properties related to the server. I > will update the patch to ensure information about this new property > derby.drda.securityMechanism also gets reflected when calling sysinfo from > server. > > > Add ability to network server to accept connections with a certain security > > mechanism. > > -------------------------------------------------------------------------------------- > > > > Key: DERBY-928 > > URL: http://issues.apache.org/jira/browse/DERBY-928 > > Project: Derby > > Type: New Feature > > Components: Network Server > > Reporter: Sunitha Kambhampati > > Assignee: Sunitha Kambhampati > > Fix For: 10.2.0.0 > > Attachments: Derby928.diff.txt, Derby928.stat.txt, > > Derby928_Table_SecurityMechanisms..htm > > > > Currently the network server has support for the following security > > mechanisms > > 1) USRIDONL (userid only), > > 2) USRIDPWD (clear text userid and password), > > 3) EUSRIDPWD (encrypted userid and password). > > Thus the #3 encrypted userid and password security mechanism is secure with > > respect to the userid/password sent across the wire. Currently there is no > > way to setup the network server to ensure that it accepts connections > > coming in at a certain security mechanism. It seems reasonable & useful > > to have a server want to accept connections from clients with a particular > > security mechanism (e.g lets say encrypted userid/password and reject > > usridpwd ie clear text userid and password) > > This jira will add support for this by adding a property to enable the > > server to be able to accept connections from clients with a certain > > security mechanism. > > -------------------- > > I actually couldnt find if a rank was given to the security mechanisms in > > the drda spec. If it were so, then maybe a property for setting the > > minimum security mechanism accepted by the server would be appropriate. > > -- > This message is automatically generated by JIRA. > - > If you think it was sent incorrectly contact one of the administrators: > http://issues.apache.org/jira/secure/Administrators.jspa > - > For more information on JIRA, see: > http://www.atlassian.com/software/jira > >
