You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Knut Anders Hatlen (JIRA)" <ji...@apache.org> on 2006/11/12 19:59:38 UTC

[jira] Commented: (DERBY-963) Allow user friendly string values for security mechanism in client connection url.

    [ http://issues.apache.org/jira/browse/DERBY-963?page=comments#action_12449165 ] 
            
Knut Anders Hatlen commented on DERBY-963:
------------------------------------------

Wow! Almost five months since the patch was submitted, and no comments yet! Sorry about that! :(

I think the suggested patch looks good. My only comment is that I'm not sure ClientBaseDataSource.getSecurityMechanism(java.util.Properties) should throw client.am.SqlException since it is part of our public API. java.sql.SQLException would perhaps have been better. But to be frank, I don't understand why getSecurityMechanism(Properties) is part of our public API in the first place.

> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
>                 Key: DERBY-963
>                 URL: http://issues.apache.org/jira/browse/DERBY-963
>             Project: Derby
>          Issue Type: Improvement
>          Components: Newcomer, Network Client
>    Affects Versions: 10.2.1.6, 10.0.2.2, 10.1.1.0, 10.1.3.1, 10.0.2.1, 10.0.2.0, 10.1.2.1
>            Reporter: Sunitha Kambhampati
>         Assigned To: Anders Morken
>            Priority: Minor
>         Attachments: DERBY-963-code-v1.patch
>
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.  

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira