[jira] Updated: (DERBY-963) Allow user friendly string values for security mechanism in client connection url.

Anders Morken (JIRA) Mon, 13 Nov 2006 01:02:59 -0800

     [ http://issues.apache.org/jira/browse/DERBY-963?page=all ]


Anders Morken updated DERBY-963:
--------------------------------

    Description: 
Overview:
DRDA spec specifies the following secmec (securitymechanism) values.
USRIDONL = 4
USRIDPWD = 3
USRSSBPWD = 8
EUSRIDPWD = 9

Currently in the client url, one would have to pass in the integer value for 
securityMechanism. e.g.
ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';

when using the datasource, the setSecurityMechanism(int) on the 
ClientDataSource can be used.
Constants are
ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
ClientDataSource.USER_ONLY_SECURITY (0x04)
ClientDataSource.STRONG_PASSWORD_SUBSTITUTE_SECURITY (0x08)
ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)

Add support in client to recognize the user friendly names for the 
securityMechanism attribute. The values that should be accepted are 
CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, 
ENCRYPTED_USER_AND_PASSWORD_SECURITY.

--------
To ensure that the old applications that were written to pass in an integer 
value for securityMechanism do not break with the new client , the client 
should probably support both the integer values as well as the string values.  

  was:
Overview:
DRDA spec specifies the following secmec (securitymechanism) values.
USRIDONL = 4
USRIDPWD = 3
EUSRIDPWD = 9

Currently in the client url, one would have to pass in the integer value for 
securityMechanism. e.g.
ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';

when using the datasource, the setSecurityMechanism(int) on the 
ClientDataSource can be used.
Constants are
ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
ClientDataSource.USER_ONLY_SECURITY (0x04)
ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)

Add support in client to recognize the user friendly names for the 
securityMechanism attribute. The values that should be accepted are 
CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, 
ENCRYPTED_USER_AND_PASSWORD_SECURITY.

--------
To ensure that the old applications that were written to pass in an integer 
value for securityMechanism do not break with the new client , the client 
should probably support both the integer values as well as the string values.  

     Derby Info:   (was: [Patch Available])

Updating description to add new the new security mechanism to the spec, and 
unsetting the patch available flag. New and improved patch coming later. =)

> Allow user friendly string values for security mechanism in client connection 
> url.
> ----------------------------------------------------------------------------------
>
>                 Key: DERBY-963
>                 URL: http://issues.apache.org/jira/browse/DERBY-963
>             Project: Derby
>          Issue Type: Improvement
>          Components: Newcomer, Network Client
>    Affects Versions: 10.2.1.6, 10.0.2.2, 10.1.1.0, 10.1.3.1, 10.0.2.1, 
> 10.0.2.0, 10.1.2.1
>            Reporter: Sunitha Kambhampati
>         Assigned To: Anders Morken
>            Priority: Minor
>         Attachments: DERBY-963-code-v1.patch
>
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> USRSSBPWD = 8
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for 
> securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the 
> ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.STRONG_PASSWORD_SUBSTITUTE_SECURITY (0x08)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the 
> securityMechanism attribute. The values that should be accepted are 
> CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, 
> ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer 
> value for securityMechanism do not break with the new client , the client 
> should probably support both the integer values as well as the string values. 
>  

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Updated: (DERBY-963) Allow user friendly string values for security mechanism in client connection url.

Reply via email to