The network startup scripts are broken now, as a result of the work I am
doing on DERBY-2196. We decided that, to avoid giving customers a false
sense of security, the secure-by-default server should fail to come up
if the customer does not specify how they want to authenticate users.
Now when you run the network startup script, the script fails fast,
telling you that you have to specify an authentication scheme.
How should we handle this?
1) Make the out-of-the-box server come up with Builtin authentication
and one distinguished user if authentication is otherwise not specified.
This distinguished system administrator would have a canonical name and
password.
2) Revisit our decision to require authentication. Instead, let the
server come up installing a security manager even though the customer
has not specified any authentication scheme.
3) Add the -noSecurityManager option to the server boot command.
4) Something else?
I would appreciate the community's advice here.
Thanks,
-Rick
