[ https://issues.apache.org/jira/browse/DERBY-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kim Haase updated DERBY-1823: ----------------------------- Attachment: DERBY-1823-3.zip DERBY-1823-4.diff Attaching DERBY-1823-4.diff and DERBY-1823-3.zip. After looking at the "User authorizations" topic and the others related to SQL authorization and user authentication, I realized you were right that the pointer really does belong in these two topics -- the parent topics have a different focus. I hope this does the job. We don't seem to have a complete program example that uses SQL authorization. Do you think it would be useful to have one? That would definitely need a separate JIRA. > Derby Developer's Guide - Issues w/ User authentication and authorization > extended examples section/paragraph > -------------------------------------------------------------------------------------------------------------- > > Key: DERBY-1823 > URL: https://issues.apache.org/jira/browse/DERBY-1823 > Project: Derby > Issue Type: Bug > Components: Documentation > Affects Versions: 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0, > 10.3.1.4 > Reporter: Francois Orsini > Assignee: Kim Haase > Priority: Minor > Attachments: DERBY-1823-2.diff, DERBY-1823-2.zip, DERBY-1823-3.diff, > DERBY-1823-3.zip, DERBY-1823-4.diff, DERBY-1823.diff, DERBY-1823.zip > > > There is a couple of issues with the paragraph/section "User authentication > and authorization extended examples" in the developer's guide > http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure26537.html > 1) The methods turnOnBuiltInUsers() & turnOffBuiltInUsers() do NOT shutdown > and reboot the database for which the > 'derby.connection.requireAuthentication' authentication database property is > being set - as this last one is a derby static property, it will not be taken > into account until the database is rebooted (or the whole derby engine > instance). Hence, the 2 checks for "Confirming requireAuthentication" is > misleading as the property value is changed _but_ the actual database > authentication enabling/disabling has not changed since it was last booted. > Database needs to be shutdown and rebooted after > 'derby.connection.requireAuthentication' is set and then some negative > testing of invalid user connection needs to be added to show that only valid > users can connect (in the case, authentication is being enabled). > 2) Paragraph (extended examples section) also needs to be moved at the same > level as the 2 above such as: > "User authentication example in a single-user, embedded environment" > http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure125.html > "User authentication example in a client/server environment" > http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure13713.html > since the extended examples (once fixed - see 1)) can be applied in both a > client-server and embedded environments context. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.