You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by rh...@apache.org on 2022/05/03 15:15:53 UTC
svn commit: r1900516 - in /db/derby/docs/trunk/src: adminguide/ devguide/ getstart/ ref/ security/ tools/
Author: rhillegas
Date: Tue May 3 15:15:53 2022
New Revision: 1900516
URL: http://svn.apache.org/viewvc?rev=1900516&view=rev
Log:
DERBY-7138: Remove references to the SecurityManager from the user guides; commit derby-7138-13-aa-adjustUserDocumentation.diff.
Removed:
db/derby/docs/trunk/src/adminguide/cadminreplicsecurity.dita
db/derby/docs/trunk/src/adminguide/radminjmxenablepolicy.dita
db/derby/docs/trunk/src/ref/rrefreloadpolicyproc.dita
db/derby/docs/trunk/src/security/csecjavasecurity.dita
db/derby/docs/trunk/src/security/csecrunpolicy.dita
db/derby/docs/trunk/src/security/rsecbasicclient.dita
db/derby/docs/trunk/src/security/rsecbasicengine.dita
db/derby/docs/trunk/src/security/rsecbasicserver.dita
db/derby/docs/trunk/src/security/rsecbasictools.dita
db/derby/docs/trunk/src/security/rsecpolicysample.dita
db/derby/docs/trunk/src/security/tsecnetservopen.dita
db/derby/docs/trunk/src/security/tsecnetservrun.dita
db/derby/docs/trunk/src/tools/rtoolsoptlucenesecman.dita
Modified:
db/derby/docs/trunk/src/adminguide/cadminov825266.dita
db/derby/docs/trunk/src/adminguide/cadminservlet98430.dita
db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap
db/derby/docs/trunk/src/adminguide/radmindrdahost.dita
db/derby/docs/trunk/src/adminguide/radminjmxenablenoauth.dita
db/derby/docs/trunk/src/adminguide/radminjmxenablepwdssl.dita
db/derby/docs/trunk/src/adminguide/tadmincbdjhhfd.dita
db/derby/docs/trunk/src/adminguide/tadminconfig813694.dita
db/derby/docs/trunk/src/devguide/tdevdvlp20349.dita
db/derby/docs/trunk/src/devguide/tdevdvlp40464.dita
db/derby/docs/trunk/src/getstart/twwdactivity2.dita
db/derby/docs/trunk/src/getstart/twwdactivity4.dita
db/derby/docs/trunk/src/ref/refderby.ditamap
db/derby/docs/trunk/src/ref/rrefattribderegister.dita
db/derby/docs/trunk/src/security/cseccsecure863446.dita
db/derby/docs/trunk/src/security/csecpref23947.dita
db/derby/docs/trunk/src/security/csecputstart.dita
db/derby/docs/trunk/src/security/secderby.ditamap
db/derby/docs/trunk/src/tools/derbytools.ditamap
Modified: db/derby/docs/trunk/src/adminguide/cadminov825266.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/cadminov825266.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/cadminov825266.dita (original)
+++ db/derby/docs/trunk/src/adminguide/cadminov825266.dita Tue May 3 15:15:53 2022
@@ -55,18 +55,6 @@ including:</p>
<li>With your own Java program (written using the Network Server API)</li>
<li>By setting Network Server properties</li>
</ul>
-<p>By default a security manager will be installed with a basic security policy when a Network Server is started. This policy file is called <codeph>server.policy</codeph> and is part of
-<codeph>derbynet.jar</codeph>.
-For information about policy files, granting permissions, and property
-expansion, see "Default Policy Implementation and Policy File Syntax" at
-<xref format="html"
-href="http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html"
-scope="external">http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html</xref>
-and "Policy File Creation and Management" at
-<xref format="html"
-href="http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyGuide.html"
-scope="external">http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyGuide.html</xref>.
-</p>
<p><xref href="cadminapps59125.dita#cadminapps59125"></xref> explains how
to change existing Java applications that currently run against
<ph conref="../conrefs.dita#prod/productshortname"></ph> in embedded mode to run
Modified: db/derby/docs/trunk/src/adminguide/cadminservlet98430.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/cadminservlet98430.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/cadminservlet98430.dita (original)
+++ db/derby/docs/trunk/src/adminguide/cadminservlet98430.dita Tue May 3 15:15:53 2022
@@ -68,8 +68,8 @@ that will be used for the listening sock
the Network Server will listen to requests only on the loopback address, which
means that it will only accept connections from the local host. Changing this
value could expose the server to external connections, which raises security
-concerns, so before using the <codeph>host</codeph> parameter, you should run
-under the Java security manager and enable user authentication.</p>
+concerns, so before using the <codeph>host</codeph> parameter, you should
+enable user authentication.</p>
<p>This section describes the servlet pages.</p>
</section>
</conbody>
Modified: db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap (original)
+++ db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap Tue May 3 15:15:53 2022
@@ -289,7 +289,6 @@ navtitle="Setting Network Server propert
<topicref href="radminjmxenablepwd.dita" navtitle="Enabling remote JMX with password authentication only"></topicref>
<topicref href="radminjmxenablepwdssl.dita" navtitle="Enabling remote JMX with password authentication and SSL"></topicref>
<topicref href="radminjmxenablesimpleauth.dita" navtitle="Simple authorization using an access file"></topicref>
-<topicref href="radminjmxenablepolicy.dita" navtitle="Fine-grained authorization using a security policy"></topicref>
<topicref href="radminjmxdisable.dita" navtitle="Disabling access to MBeans"></topicref>
</topicref>
<topicref href="radminjmxjconsole.dita" navtitle="Using JConsole to access the Derby MBeans"></topicref>
@@ -401,8 +400,6 @@ procedures to perform an online backup">
</topicref>
<topicref href="cadminreplicfailover.dita" navtitle="Forcing a failover">
</topicref>
-<topicref href="cadminreplicsecurity.dita" navtitle="Replication and security">
-</topicref>
<topicref href="cadminreplicfailures.dita" navtitle="Replication failure handling">
</topicref>
</topicref>
Modified: db/derby/docs/trunk/src/adminguide/radmindrdahost.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/radmindrdahost.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/radmindrdahost.dita (original)
+++ db/derby/docs/trunk/src/adminguide/radmindrdahost.dita Tue May 3 15:15:53 2022
@@ -32,7 +32,7 @@ needs to be set to enable remote connect
<p>By default, the Network Server will listen only on the loopback address. If
the property is set to <codeph>0.0.0.0</codeph>, the Network Server will listen
on all interfaces.</p>
-<p>Ensure that you are running under a security manager and that user
+<p>Ensure that user
authorization is enabled before you enable remote connections with this
property.</p>
</section>
Modified: db/derby/docs/trunk/src/adminguide/radminjmxenablenoauth.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/radminjmxenablenoauth.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/radminjmxenablenoauth.dita (original)
+++ db/derby/docs/trunk/src/adminguide/radminjmxenablenoauth.dita Tue May 3 15:15:53 2022
@@ -38,12 +38,6 @@ in production environments.</note></p>
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.ssl=false
-jar $DERBY_HOME/lib/derbyrun.jar server start</b></codeblock>
-<p>When you start the Network Server from the command line, it automatically
-installs a security manager using a basic default security policy, unless you
-specify the <codeph>-noSecurityManager</codeph> option. You may need to
-customize this policy to make it suit your needs. See
-<xref href="radminjmxenablepolicy.dita#radminjmxenablepolicy"></xref> for
-details.</p>
</section>
</refbody>
</reference>
Modified: db/derby/docs/trunk/src/adminguide/radminjmxenablepwdssl.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/radminjmxenablepwdssl.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/radminjmxenablepwdssl.dita (original)
+++ db/derby/docs/trunk/src/adminguide/radminjmxenablepwdssl.dita Tue May 3 15:15:53 2022
@@ -29,8 +29,6 @@ follows.</shortdesc>
<refbody>
<section>
<ul>
-<li>Using a Java security manager and a custom policy file,
-<codeph>jmx.policy</codeph></li>
<li>Allowing connections from remote hosts (that is, on all IPv4 network
interfaces) by specifying <codeph>-h 0.0.0.0</codeph></li>
<li>Using password authentication, as described in
@@ -56,14 +54,7 @@ would enter it as a single <codeph>java<
-Djavax.net.ssl.trustStore=/home/user/.truststore
-Djavax.net.ssl.trustStorePassword=myTrustStorePassword
-Dcom.sun.management.jmxremote.registry.ssl=true
--Djava.security.manager
--Djava.security.policy=jmx.policy
-jar lib/derbyrun.jar server start -h 0.0.0.0</b></codeblock>
-<p><note>When password authentication is enabled and a Java Security Manager is
-installed, a number of JMX-related permissions need to be granted to trusted
-users in the security policy used. See
-<xref href="radminjmxenablepolicy.dita#radminjmxenablepolicy"></xref> for
-details.</note></p>
<p>In the example above, system properties specify the keystore containing the
server's key pair, the keystore password, the truststore containing the client
certificates, and the truststore password. Setting up SSL keystores and
Modified: db/derby/docs/trunk/src/adminguide/tadmincbdjhhfd.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/tadmincbdjhhfd.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/tadmincbdjhhfd.dita (original)
+++ db/derby/docs/trunk/src/adminguide/tadmincbdjhhfd.dita Tue May 3 15:15:53 2022
@@ -36,21 +36,6 @@ you run a Network Server. For details on
and authorization,
see "Configuring user authentication" and "Configuring user authorization" in
the <ph conref="../conrefs.dita#pub/citsec"></ph>.</p>
-<p>You are also urged to install a Java security manager with a customized security policy.
-For details on how to do this, see "Configuring Java security," also in
-the <ph conref="../conrefs.dita#pub/citsec"></ph>. By default a security manager will be installed with a default security policy when a Network Server is started. This default policy file is called <codeph>server.policy</codeph> and is part of
-<codeph>derbynet.jar</codeph>.
-There is also a <codeph>serverTemplate.policy</codeph> file in the <codeph>demo/templates</codeph> directory of the distribution.
-It can be used as a starting point for customizing a server policy. For more information about policy files, granting permissions, and property
-expansion, see "Default Policy Implementation and Policy File Syntax" at
-<xref format="html"
-href="http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html"
-scope="external">http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html</xref>
-and "Policy File Creation and Management" at
-<xref format="html"
-href="http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyGuide.html"
-scope="external">http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyGuide.html</xref>.
-</p>
<p>If you start the
<ph conref="../conrefs.dita#prod/productshortname"></ph> Network Server from the
command line as described here, access to databases and to other
@@ -233,8 +218,7 @@ option, as shown in the following exampl
<codeblock><b><userinput>$DERBY_HOME/bin/startNetworkServer -h myhost -p 1368</userinput></b></codeblock>
<p>where <varname>myhost</varname> is the host name or IP address.</p>
<note type="remember">Before using the <codeph>-h</codeph> option, you should
-run under the Java security manager with a customized security policy
-and you should enable user authentication.</note>
+enable user authentication.</note>
</li>
</ul>
</example>
Modified: db/derby/docs/trunk/src/adminguide/tadminconfig813694.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/tadminconfig813694.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/adminguide/tadminconfig813694.dita (original)
+++ db/derby/docs/trunk/src/adminguide/tadminconfig813694.dita Tue May 3 15:15:53 2022
@@ -28,8 +28,6 @@ API<indexterm>NetworkServerControl class
</metadata></prolog>
<taskbody>
<context><p>There are four constructors for this class.</p>
-<note>Before enabling connections from other systems, ensure that you are
-running under a security manager.</note>
</context>
<steps-unordered>
<step><cmd><codeph>NetworkServerControl()</codeph></cmd>
Modified: db/derby/docs/trunk/src/devguide/tdevdvlp20349.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/tdevdvlp20349.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/tdevdvlp20349.dita (original)
+++ db/derby/docs/trunk/src/devguide/tdevdvlp20349.dita Tue May 3 15:15:53 2022
@@ -41,11 +41,6 @@ Shutting down instance a816c00e-0139-bfe
database directory C:\sampledb with class loader
sun.misc.Launcher$AppClassLoader@9931f5
----------------------------------------------------------------</codeblock>
-<p>If you are running with a security manager, you must grant
-<ph conref="../conrefs.dita#prod/productshortname"></ph> permission to
-deregister the embedded driver in order to fully shut down the system. See
-"Configuring Java security" in the <ph conref="../conrefs.dita#pub/citsec"></ph>
-for details.</p>
<p>Typically,
an application using an embedded <ph conref="../conrefs.dita#prod/productshortname"></ph> engine
shuts down <ph conref="../conrefs.dita#prod/productshortname"></ph> just before
Modified: db/derby/docs/trunk/src/devguide/tdevdvlp40464.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/tdevdvlp40464.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/tdevdvlp40464.dita (original)
+++ db/derby/docs/trunk/src/devguide/tdevdvlp40464.dita Tue May 3 15:15:53 2022
@@ -34,11 +34,6 @@ down Derby<indexterm>using database conn
<context> <codeblock>jdbc:derby:;<ph>shutdown=true</ph></codeblock><p>A successful
shutdown always results in an <i>SQLException</i> to indicate that <ph conref="../conrefs.dita#prod/productshortname"></ph> has
shut down and that there is no other exception.</p>
-<p>If you are running with a security manager on JDK 8 or higher, you must grant
-<ph conref="../conrefs.dita#prod/productshortname"></ph> permission to
-deregister the embedded driver in order to fully shut down the system. See
-"Configuring Java security" in the <ph conref="../conrefs.dita#pub/citsec"></ph>
-for details.</p>
<p>If you have enabled user authentication at the system level, you will need to
specify credentials (that is, username and password) in order to shut down a
<ph conref="../conrefs.dita#prod/productshortname"></ph> system, and the
Modified: db/derby/docs/trunk/src/getstart/twwdactivity2.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/getstart/twwdactivity2.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/getstart/twwdactivity2.dita (original)
+++ db/derby/docs/trunk/src/getstart/twwdactivity2.dita Tue May 3 15:15:53 2022
@@ -57,14 +57,12 @@ perform some basic SQL operations.</p></
<row>
<entry colname="col1">UNIX (Korn Shell)</entry>
<entry colname="col2"><codeblock><b><userinput>java -jar $DERBY_HOME/lib/derbyrun.jar server start</userinput></b>
-<systemoutput>Wed Nov 28 10:08:29 PST 2018 : Security manager installed using the Basic server security policy.
-Wed Nov 28 10:08:37 PST 2018 : Apache Derby Network Server - 10.15.0.0 alpha - (1847657M) started and ready to accept connections on port 1527</systemoutput></codeblock></entry>
+<systemoutput>Wed Nov 28 10:08:37 PST 2018 : Apache Derby Network Server - 10.15.0.0 alpha - (1847657M) started and ready to accept connections on port 1527</systemoutput></codeblock></entry>
</row>
<row>
<entry colname="col1">Windows</entry>
<entry colname="col2"><codeblock><b><userinput>java -jar %DERBY_HOME%\lib\derbyrun.jar server start</userinput></b>
-<systemoutput>Wed Nov 28 10:08:29 PST 2018 : Security manager installed using the Basic server security policy.
-Wed Nov 28 10:08:37 PST 2018 : Apache Derby Network Server - 10.15.0.0 alpha - (1847657M) started and ready to accept connections on port 1527</systemoutput></codeblock></entry>
+<systemoutput>Wed Nov 28 10:08:37 PST 2018 : Apache Derby Network Server - 10.15.0.0 alpha - (1847657M) started and ready to accept connections on port 1527</systemoutput></codeblock></entry>
</row>
</tbody>
</tgroup>
Modified: db/derby/docs/trunk/src/getstart/twwdactivity4.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/getstart/twwdactivity4.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/getstart/twwdactivity4.dita (original)
+++ db/derby/docs/trunk/src/getstart/twwdactivity4.dita Tue May 3 15:15:53 2022
@@ -140,13 +140,11 @@ performed successfully.) </stepresult></
<row>
<entry colname="col1">UNIX (Korn Shell)</entry>
<entry colname="col2"><codeblock><b><userinput>java -jar $DERBY_HOME/lib/derbyrun.jar server start</userinput></b>
-Wed Nov 28 13:21:31 PST 2018 : Security manager installed using the Basic server security policy.
Wed Nov 28 13:21:39 PST 2018 : Apache Derby Network Server - 10.15.0.0 alpha - (1847657M) started and ready to accept connections on port 1527</codeblock></entry>
</row>
<row>
<entry colname="col1">Windows</entry>
<entry colname="col2"><codeblock><b><userinput>java -jar %DERBY_HOME%\lib\derbyrun.jar server start</userinput></b>
-Wed Nov 28 13:21:31 PST 2018 : Security manager installed using the Basic server security policy.
Wed Nov 28 13:21:39 PST 2018 : Apache Derby Network Server - 10.15.0.0 alpha - (1847657M) started and ready to accept connections on port 1527</codeblock></entry>
</row>
</tbody>
Modified: db/derby/docs/trunk/src/ref/refderby.ditamap
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/refderby.ditamap?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/ref/refderby.ditamap (original)
+++ db/derby/docs/trunk/src/ref/refderby.ditamap Tue May 3 15:15:53 2022
@@ -964,8 +964,6 @@ limitations under the License.
</topicref>
<topicref href="rrefregistertoolproc.dita" navtitle="SYSCS_UTIL.SYSCS_REGISTER_TOOL system procedure">
</topicref>
-<topicref href="rrefreloadpolicyproc.dita" navtitle="SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY system procedure">
-</topicref>
<topicref href="rrefnativeresetpasswordproc.dita" navtitle="SYSCS_UTIL.SYSCS_RESET_PASSWORD system procedure">
</topicref>
<topicref href="rrefsetdbpropproc.dita" navtitle="SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY system procedure">
Modified: db/derby/docs/trunk/src/ref/rrefattribderegister.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/rrefattribderegister.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/ref/rrefattribderegister.dita (original)
+++ db/derby/docs/trunk/src/ref/rrefattribderegister.dita Tue May 3 15:15:53 2022
@@ -34,17 +34,6 @@ garbage-collected.</shortdesc>
</metadata></prolog>
<refbody>
<section>
-<p>If you are running with a security manager on JDK 8 or higher, you must grant
-the following permission to <i>derby.jar</i> to allow the JDBC driver to be
-deregistered:</p>
-<codeblock>permission java.sql.SQLPermission "deregisterDriver";</codeblock>
-<p>See "Configuring Java security" in the
-<ph conref="../conrefs.dita#pub/citsec"></ph> for details. If you do not grant
-this permission when using a security manager, an error message and stack trace
-will appear in <i>derby.log</i> on shutdown, and the embedded JDBC driver
-will remain registered.</p>
-<p>If you are running with a security manager on JDK 6 or 7, you do not
-need to set this permission.</p>
<p>You initially register the embedded driver by calling a <i>DriverManager</i>
method such as <i>DriverManager.getDrivers()</i> or
<i>DriverManager.getConnection()</i>.</p>
Modified: db/derby/docs/trunk/src/security/cseccsecure863446.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/cseccsecure863446.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/cseccsecure863446.dita (original)
+++ db/derby/docs/trunk/src/security/cseccsecure863446.dita Tue May 3 15:15:53 2022
@@ -62,13 +62,5 @@ unencrypted LDAP. To use SSL encrypted L
<codeph>derby.authentication.server</codeph> and
<codeph>derby.authentication.provider</codeph> properties, see the
<ph conref="../conrefs.dita#pub/citref"></ph>.</p>
-<p><note>If you run Java DB under a Java security manager, your policy file will
-need to grant <ph conref="../conrefs.dita#prod/productshortname"></ph> the
-privilege to connect to the LDAP server. To see how to do this, consult the
-policy file shown in <xref href="rsecpolicysample.dita"/>.
-Specifically, you will need to grant <codeph>java.net.SocketPermission</codeph>
-to <codeph>derby.jar</codeph>, so that the
-<ph conref="../conrefs.dita#prod/productshortname"></ph> code is allowed to
-contact the LDAP server to perform the authentication.</note></p>
</conbody>
</concept>
Modified: db/derby/docs/trunk/src/security/csecpref23947.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecpref23947.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/csecpref23947.dita (original)
+++ db/derby/docs/trunk/src/security/csecpref23947.dita Tue May 3 15:15:53 2022
@@ -61,9 +61,6 @@ a legal user.</p></li>
<li><i><xref href="csecauthorization.dita"/></i>
<p>Explains how to configure authorization, which determines what operations can
be performed by a user's identity.</p></li>
-<li><i><xref href="csecjavasecurity.dita"/></i>
-<p>Explains how to use a Java security manager with
-<ph conref="../conrefs.dita#prod/productshortname"/>.</p></li>
<li><i><xref href="csecnetservfileperms.dita"/></i>
<p>Explains how to take advantage of file system protections.</p></li>
<li><i><xref href="csecputtogether.dita"/></i>
Modified: db/derby/docs/trunk/src/security/csecputstart.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/csecputstart.dita?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/csecputstart.dita (original)
+++ db/derby/docs/trunk/src/security/csecputstart.dita Tue May 3 15:15:53 2022
@@ -20,11 +20,10 @@ limitations under the License.
-->
<concept id="csecputstart" xml:lang="en-us">
<title>Starting a secured Network Server</title>
-<shortdesc>Bring up the server, turning on SSL and Java security.</shortdesc>
+<shortdesc>Bring up the server and turn on SSL.</shortdesc>
<conbody>
-<p>This example uses the customized security policy shown in
-<xref href="rsecpolicysample.dita#rsecpolicysample"></xref>. The command line
-first brings up the server, turning on SSL and Java Security. It also tells the
+<p>This example
+first brings up the server and turns on SSL. It also tells the
server that NATIVE credentials will be stored in the
<codeph>mchrystaEncryptedDB</codeph> database. That last directive causes the
<xref href="cseccsecuredbowner.dita">Database Owner</xref>'s credentials to be
@@ -36,8 +35,6 @@ created.</p>
-Djavax.net.ssl.trustStorePassword=secretServerTrustStorePassword \
-Dderby.storage.useDefaultFilePermissions=false \
-Dderby.authentication.provider=NATIVE:mchrystaEncryptedDB \
--Djava.security.manager \
--Djava.security.policy=/Users/me/myServer.policy \
org.apache.derby.drda.NetworkServerControl start -p 8246 \
-ssl peerAuthentication</b></codeblock>
</conbody>
Modified: db/derby/docs/trunk/src/security/secderby.ditamap
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/security/secderby.ditamap?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/security/secderby.ditamap (original)
+++ db/derby/docs/trunk/src/security/secderby.ditamap Tue May 3 15:15:53 2022
@@ -134,16 +134,6 @@
<topicref href="rseccsecurenativeauthex.dita" navtitle="NATIVE authentication and SQL authorization example"/>
</topicref>
</topicref>
-<topicref collection-type="family" href="csecjavasecurity.dita" navtitle="Configuring Java security">
-<topicref href="rsecbasicengine.dita" navtitle="Basic engine security policy template"/>
-<topicref href="rsecbasicserver.dita" navtitle="Basic server security policy template"/>
-<topicref href="rsecbasicclient.dita" navtitle="Basic client security policy template"/>
-<topicref href="rsecbasictools.dita" navtitle="Basic tools security policy template"/>
-<topicref href="rsecpolicysample.dita" navtitle="Sample customized Java security policy file"/>
-<topicref href="csecrunpolicy.dita" navtitle="Using a Java security policy file"/>
-<topicref href="tsecnetservrun.dita" navtitle="Running the Network Server with a security manager"/>
-<topicref href="tsecnetservopen.dita" navtitle="Running the Network Server without a security manager"/>
-</topicref>
<topicref href="csecnetservfileperms.dita" navtitle="Restricting file permissions"/>
<topicref collection-type="family" href="csecputtogether.dita" navtitle="Putting it all together">
<topicref href="csecputstart.dita" navtitle="Starting a secured Network Server"/>
Modified: db/derby/docs/trunk/src/tools/derbytools.ditamap
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/tools/derbytools.ditamap?rev=1900516&r1=1900515&r2=1900516&view=diff
==============================================================================
--- db/derby/docs/trunk/src/tools/derbytools.ditamap (original)
+++ db/derby/docs/trunk/src/tools/derbytools.ditamap Tue May 3 15:15:53 2022
@@ -207,7 +207,6 @@ limitations under the License.
<topicref href="rtoolsoptlucenequery.dita" navtitle="Querying an index"/>
<topicref href="rtoolsoptlucenedrop.dita" navtitle="Dropping an index"/>
<topicref href="rtoolsoptlucenelist.dita" navtitle="Listing indexes"/>
-<topicref href="rtoolsoptlucenesecman.dita" navtitle="Running the luceneSupport tool with a security manager"/>
</topicref>
<topicref href="rtoolsoptsimplejson.dita" navtitle="Using the simpleJson optional tool"></topicref>
<topicref href="rtoolsoptdbreader.dita" navtitle="Using the rawDBReader optional tool"></topicref>