[jira] Updated: (DERBY-866) BUILT-IN Derby User Management (DDL) Enhancements

Fri, 28 Jul 2006 11:22:49 -0700 

     [ http://issues.apache.org/jira/browse/DERBY-866?page=all ]

Rick Hillegas updated DERBY-866:
--------------------------------

    Urgency: Normal

> BUILT-IN Derby User Management (DDL) Enhancements
> -------------------------------------------------
>
>                 Key: DERBY-866
>                 URL: http://issues.apache.org/jira/browse/DERBY-866
>             Project: Derby
>          Issue Type: Improvement
>          Components: Security
>    Affects Versions: 10.2.0.0
>            Reporter: Francois Orsini
>             Fix For: 10.2.0.0
>
>         Attachments: Derby_User_Enhancement.html, 
> Derby_User_Enhancement_v1.1.html
>
>
> Proposal to enhance Derby's Built-In DDL User Management. (See proposal spec 
> attached to the JIRA).
> Abstract:
> This feature aims at improving the way BUILT-IN users are managed in Derby by 
> providing a more intuitive and familiar DDL interface. Currently (in 
> 10.1.2.1), Built-In users can be defined at the system and/or database level. 
> Users created at the system level can be defined via JVM or/and Derby system 
> properties in the derby.properties file. Built-in users created at the 
> database level are defined via a call to a Derby system procedure 
> (SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY) which sets a database property.
> Defining a user at the system level is very convenient and practical during 
> the development phase (EOD) of an application - However, the user's password 
> is not encrypted and consequently appears in clear in the derby.properties 
> file. Hence, for an application going into production, whether it is embedded 
> or not, it is preferable to create users at the database level where the 
> password is encrypted.
> There is no real ANSI SQL standard for managing users in SQL but by providing 
> a more intuitive and known interface, it will ease Built-In User management 
> at the database level as well as Derby's adoption.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to