[jira] Updated: (DERBY-928) Add ability to network server to accept connections with a certain security mechanism.

Fri, 11 Aug 2006 10:55:07 -0700 

     [ http://issues.apache.org/jira/browse/DERBY-928?page=all ]

Sunitha Kambhampati updated DERBY-928:
--------------------------------------

    Derby Info: [Release Note Needed]

Adding the release note needed flag.  Information is in wiki 
http://wiki.apache.org/db-derby/SecurityMechanism   I'll try to post the info 
in release note format.

> Add ability to network server to accept connections with a certain security 
> mechanism.
> --------------------------------------------------------------------------------------
>
>                 Key: DERBY-928
>                 URL: http://issues.apache.org/jira/browse/DERBY-928
>             Project: Derby
>          Issue Type: New Feature
>          Components: Network Server
>            Reporter: Sunitha Kambhampati
>         Assigned To: Sunitha Kambhampati
>             Fix For: 10.2.0.0
>
>         Attachments: Derby928.3.diff.txt, Derby928.3.stat.txt, 
> Derby928.diff.txt, Derby928.stat.txt, Derby928_canons.diff.txt, 
> Derby928_canons.stat.txt, Derby928_Table_SecurityMechanisms..htm, 
> Derby928_v2_diff.txt, Derby928_v2_stat.txt
>
>
> Currently the network server has support for the following security mechanisms
> 1) USRIDONL (userid only),
> 2) USRIDPWD (clear text userid and password),
> 3) EUSRIDPWD (encrypted userid and password).
> Thus the #3 encrypted userid and password security mechanism is secure with 
> respect to the userid/password sent across the wire.  Currently there is no 
> way to setup the network server to ensure that it accepts connections coming 
> in at a certain security mechanism.   It seems reasonable & useful to have a 
> server want to accept connections from clients with a particular security 
> mechanism (e.g  lets say encrypted userid/password and reject usridpwd ie 
> clear text userid and password)
> This jira will add support for this by adding a property to enable the server 
> to be able to accept connections from clients with a certain security 
> mechanism.
> --------------------
> I actually couldnt find if a rank was given to the security mechanisms in the 
> drda spec.  If it were so, then maybe a property for setting the minimum 
> security mechanism accepted by the server would be appropriate.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to