[
https://issues.apache.org/jira/browse/DERBY-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12537177
]
Francois Orsini commented on DERBY-1823:
----------------------------------------
Changes look good, Kim. I guess we want to inform the users that these samples
are making use of Derby's built-in authentication mechanism (aka connection
authorization in Derby) but they could also use ANSI SQL Standard GRANT/REVOKE
object statements (aka SQL Authorization in Derby) and find more information by
pointing them to
http://db.apache.org/derby/docs/dev/devguide/devguide-single.html#cdevcsecure36595
Feel free to file a new JIRA if you think it is needed. I was just trying to
make sure that by looking at these samples, users miss the fact that Derby also
has support for GRANT/REVOKE.
> Derby Developer's Guide - Issues w/ User authentication and authorization
> extended examples section/paragraph
> --------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-1823
> URL: https://issues.apache.org/jira/browse/DERBY-1823
> Project: Derby
> Issue Type: Bug
> Components: Documentation
> Affects Versions: 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0,
> 10.3.1.4
> Reporter: Francois Orsini
> Assignee: Kim Haase
> Priority: Minor
> Attachments: DERBY-1823-2.diff, DERBY-1823-2.zip, DERBY-1823-3.diff,
> DERBY-1823.diff, DERBY-1823.zip
>
>
> There are a couple of issues with the paragraph/section "User authentication
> and authorization extended examples" in the developer's guide
> http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure26537.html
> 1) The methods turnOnBuiltInUsers() & turnOffBuiltInUsers() do NOT shut down
> and reboot the database for which the
> 'derby.connection.requireAuthentication' authentication database property is
> being set - as this last one is a derby static property, it will not be taken
> into account until the database is rebooted (or the whole derby engine
> instance). Hence, the 2 checks for "Confirming requireAuthentication" are
> misleading as the property value is changed _but_ the actual database
> authentication enabling/disabling has not changed since it was last booted.
> Database needs to be shut down and rebooted after
> 'derby.connection.requireAuthentication' is set and then some negative
> testing of invalid user connection needs to be added to show that only valid
> users can connect (in the case authentication is being enabled).
> 2) Paragraph (extended examples section) also needs to be moved to the same
> level as the 2 above such as:
> "User authentication example in a single-user, embedded environment"
> http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure125.html
> "User authentication example in a client/server environment"
> http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure13713.html
> since the extended examples (once fixed - see 1)) can be applied in both a
> client-server and embedded environments context.
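The sequence the issue description asks the guide's samples to follow (set the property, shut down, reboot, then try an invalid user), written out as an added example that is not part of the original message or of the Derby documentation. The database name, user names and password are constructed; it assumes the embedded Derby driver (derby.jar) is on the classpath and that the database directory does not exist yet.

```java
import java.sql.*;

// Added example: set the static property, reboot, then run the negative test.
public class RequireAuthReboot {
    static final String URL = "jdbc:derby:authDemoDB"; // constructed database name

    // Store a database-wide property through Derby's system procedure.
    static void setDbProperty(Connection c, String key, String value) throws SQLException {
        try (CallableStatement cs = c.prepareCall(
                "CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(?, ?)")) {
            cs.setString(1, key);
            cs.setString(2, value);
            cs.execute();
        }
    }

    // Shutting down a single database is reported as an SQLException with SQLState 08006.
    static void shutdown(String user, String password) throws SQLException {
        try {
            DriverManager.getConnection(URL + ";shutdown=true", user, password);
        } catch (SQLException e) {
            if (!"08006".equals(e.getSQLState())) throw e;
        }
    }

    // True if Derby refuses the credentials (SQLState 08004), false if the connection opens.
    static boolean isRejected(String user, String password) throws SQLException {
        try (Connection c = DriverManager.getConnection(URL, user, password)) {
            return false;
        } catch (SQLException e) {
            if ("08004".equals(e.getSQLState())) return true;
            throw e;
        }
    }

    public static void main(String[] args) throws SQLException {
        try (Connection c = DriverManager.getConnection(URL + ";create=true", "sa", "demoPassword")) {
            setDbProperty(c, "derby.user.sa", "demoPassword");
            setDbProperty(c, "derby.authentication.provider", "BUILTIN");
            setDbProperty(c, "derby.connection.requireAuthentication", "true");
        }
        // The property value is stored, but the booted database has not picked it up yet.
        System.out.println("before reboot, invalid user rejected: " + isRejected("mallory", "wrong"));
        shutdown("sa", "demoPassword");
        // The next connection reboots the database, and only now is the setting enforced.
        System.out.println("after reboot, invalid user rejected: " + isRejected("mallory", "wrong"));
        System.out.println("after reboot, valid user rejected: " + isRejected("sa", "demoPassword"));
    }
}
```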