[
https://issues.apache.org/jira/browse/DERBY-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kim Haase updated DERBY-1823:
-----------------------------
Attachment: DERBY-1823-3.zip
DERBY-1823-4.diff
Attaching DERBY-1823-4.diff and DERBY-1823-3.zip. After looking at the "User
authorizations" topic and the others related to SQL authorization and user
authentication, I realized you were right that the pointer really does belong
in these two topics -- the parent topics have a different focus. I hope this
does the job.
We don't seem to have a complete program example that uses SQL authorization.
Do you think it would be useful to have one? That would definitely need a
separate JIRA.
> Derby Developer's Guide - Issues w/ User authentication and authorization
> extended examples section/paragraph
> --------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-1823
> URL: https://issues.apache.org/jira/browse/DERBY-1823
> Project: Derby
> Issue Type: Bug
> Components: Documentation
> Affects Versions: 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0,
> 10.3.1.4
> Reporter: Francois Orsini
> Assignee: Kim Haase
> Priority: Minor
> Attachments: DERBY-1823-2.diff, DERBY-1823-2.zip, DERBY-1823-3.diff,
> DERBY-1823-3.zip, DERBY-1823-4.diff, DERBY-1823.diff, DERBY-1823.zip
>
>
> There is a couple of issues with the paragraph/section "User authentication
> and authorization extended examples" in the developer's guide
> http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure26537.html
> 1) The methods turnOnBuiltInUsers() & turnOffBuiltInUsers() do NOT shutdown
> and reboot the database for which the
> 'derby.connection.requireAuthentication' authentication database property is
> being set - as this last one is a derby static property, it will not be taken
> into account until the database is rebooted (or the whole derby engine
> instance). Hence, the 2 checks for "Confirming requireAuthentication" is
> misleading as the property value is changed _but_ the actual database
> authentication enabling/disabling has not changed since it was last booted.
> Database needs to be shutdown and rebooted after
> 'derby.connection.requireAuthentication' is set and then some negative
> testing of invalid user connection needs to be added to show that only valid
> users can connect (in the case, authentication is being enabled).
> 2) Paragraph (extended examples section) also needs to be moved at the same
> level as the 2 above such as:
> "User authentication example in a single-user, embedded environment"
> http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure125.html
> "User authentication example in a client/server environment"
> http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure13713.html
> since the extended examples (once fixed - see 1)) can be applied in both a
> client-server and embedded environments context.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
