[ http://issues.apache.org/jira/browse/DERBY-1756?page=comments#action_12432195 ] Francois Orsini commented on DERBY-1756: ----------------------------------------
Looks good Sunitha - Just some minor comment... In ClientBaseDataSource.java, I think it would be good to leave most of the logic around support for EUSRIDPWD checks in the file as this would certainly get re-enabled once #1517 and #1755 are fixed...I believe they will still be valid, even if some logic is being moved around in some other helper classes used during secmec handshake/negotiation . They can be left commented out with a comment explaining why (such as mentioning JIRA-1517, JIRA-1755) - as I did in my note for the USRSSBPWD upgrade (commented out as well for now). My IMPORTANT NOTE on USRSSBPWD upgrade comment is out of context if the 3 lines above (shown below) are removed...as we will still try to upgrade to EUSRIDPWD if the client supports it when it is re-enabled... - if (SUPPORTS_EUSRIDPWD) - return (short)NetConfiguration.SECMEC_EUSRIDPWD; - else Just some suggestion...meanwhile #1517 and #1755 are addressed.... > Revert change in client that defaults the secmec to eusridpwd. > -------------------------------------------------------------- > > Key: DERBY-1756 > URL: http://issues.apache.org/jira/browse/DERBY-1756 > Project: Derby > Issue Type: Bug > Components: Network Client > Affects Versions: 10.2.1.0 > Reporter: Sunitha Kambhampati > Assigned To: Sunitha Kambhampati > Fix For: 10.2.1.0 > > Attachments: derby1756.diff.txt, derby1756.stat.txt > > > With changes to derby-962, the client would default to eusridpwd if the > client jvm supports it. It is not sufficient to only check if client jvm can > support eusridpwd but we need to verify if the server can support the > particular secmec. > There are other existing jiras DERBY-1675,DERBY-1517,DERBY-1755 that will > help to address the issue of upgrading to a better security mechanism. > This jira will change the default security mechanism to 3 as it was before > derby-962 changes. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira