[jira] Commented: (DERBY-3585) Document user authentication support for network server shutdown

Tue, 01 Apr 2008 16:23:54 -0700 

    [ 
https://issues.apache.org/jira/browse/DERBY-3585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12584354#action_12584354
 ] 

Kathey Marsden commented on DERBY-3585:
---------------------------------------

Thanks Martin for the release note.  I have  a question on the edge case:
Note that there is an edge case

    NetworkServerControl nsc = new NetworkServerControl();
    nsc.start(console);
    ...
    nsc.shutdown();

which currently fails with above's SQLException.

An quick workaround, however, is to create another NetworkServerControl 
instance with user credential arguments:

    NetworkServerControl nsc = new NetworkServerControl();
    nsc.start(console);
    ...
    NetworkServerControl nscauth = new NetworkServerControl(user, password);
    nscauth.shutdown();


I found with some experimenting that it also worked to use the user/password 
constructor for start. e.g.

    NetworkServerControl nscauth = new NetworkServerControl(user, password);
    nscauth.start();
    ...
    nscauth.shutdown();

Is that an acceptable workaround? Are there plans for the future to add 
authentication checks to start?



> Document user authentication support for network server shutdown
> ----------------------------------------------------------------
>
>                 Key: DERBY-3585
>                 URL: https://issues.apache.org/jira/browse/DERBY-3585
>             Project: Derby
>          Issue Type: Sub-task
>          Components: Documentation
>            Reporter: Martin Zaun
>            Assignee: Martin Zaun
>             Fix For: 10.4.0.0
>
>         Attachments: releaseNote.html
>
>
> As part of the System Privileges work in DERBY-2109, the support of user 
> authentication for network server shutdown was discussed, implemented, and 
> committed (revision 632502).
> In order to address a security issue (missing user authentication for 
> shutdown), this feature introduces a few incompatibilities with the usage of 
> NetworkServerControl, which need to be documented.
> This JIRA is to provide for the user documentation and the release notes 
> describing the usage changes and incompatibilities.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to