[ https://issues.apache.org/jira/browse/DERBY-2361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12476337 ]

John H. Embretsen commented on DERBY-2361:
------------------------------------------

Thank you, Kim, for working on this! I have looked through the html-output from 
your patch, and it looks good to me. Nevertheless, here are a couple of nits in 
case you want/need to submit another version:

- In rrefattribsecmech.html, user=userName and password=userPassword are links 
in the description of value 3, but not in the description of value 4.
- cadminapps49914.html says that you need to specify both user and password 
when using CLEAR_TEXT_PASSWORD_SECURITY, and user only when using 
USER_ONLY_SECURITY, but does not say anything about what is required when the 
remaining two secMecs are used. Perhaps this is obvious to most readers (or 
specified elsewhere in the manuals)?
- Perhaps it would be useful to link at least one of the topics to 
cadminappsclientsecurity.html ("Network client security")?


Finally, a general comment about documentation of security features...

This may have been discussed before, but in general, I think the security 
topics in the server&admin guide are quite poorly organized. For example: 
  - there is the "Network client security" topic 
(http://db.apache.org/derby/docs/dev/adminguide/cadminappsclientsecurity.html) 
under "Accessing the Network Server by using the network client driver".
  - there are the "Network Server user authentication..." topics and the 
"Enabling the encrypted user ID and password security mechanism" topic under 
"Differences between running Derby in embedded mode and using the Network 
Server" -> "User authentication differences"
  - there is the "Network Server security" topic 
(http://db.apache.org/derby/docs/dev/adminguide/cadminnetservsecurity.html) 
under "Derby Network Server advanced topics", mentioning the host 
property/option only.
  - there is the "Running the Network Server under the security manager" topic 
in the same section as the one above.

In addition there are several topics at various places in other manuals. I'm 
not surprised that users are unable to find what they are looking for with 
respect to Derby Security. 

I think there should at least be one master topic for Derby security, linking 
to all other sections/topics as appropriate. One idea could be to start off 
with a wiki page describing the different security features of Derby 
(authentication, authorization, Security Manager, etc.), linking to the 
relevant manual pages, and continue from there... 

> Documentation should give examples for using the different security mechanisms
> ------------------------------------------------------------------------------
>
>                 Key: DERBY-2361
>                 URL: https://issues.apache.org/jira/browse/DERBY-2361
>             Project: Derby
>          Issue Type: Improvement
>          Components: Documentation
>    Affects Versions: 10.2.2.0
>            Reporter: Andrew McIntyre
>         Assigned To: Kim Haase
>         Attachments: DERBY-2361.diff, DERBY-2361.zip, rrefattribsecmech.dita
>
>
> The Derby Server and Administration guide talks about the different security 
> mechanisms, but does not give examples of how these can be used via 
> connection URLs, it only mentions the client DataSource field names. 
> http://db.apache.org/derby/docs/10.2/adminguide/cadminapps49914.html
> The documentation should give examples of how to use the different security 
> mechanisms via connection URLs, and perhaps an example of how the client 
> field names would be used programmatically.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
