You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Kim Haase (JIRA)" <ji...@apache.org> on 2014/02/17 21:50:19 UTC

[jira] [Commented] (DERBY-6234) Remove references to BUILTIN authentication from the user guides

    [ https://issues.apache.org/jira/browse/DERBY-6234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13903498#comment-13903498 ] 

Kim Haase commented on DERBY-6234:
----------------------------------

Work on this issue will involve the following changes. (I have a few questions here and there.)

Developer's Guide:

"Shutting down Derby or an individual database" (tdevdvlp40464.dita): remove note. Does the preceding paragraph need changes?

"Scope of properties" (cdevsetprop824451.dita) remove mention of BUILTIN and following note.

"Working with user authentication" (cdevcsecure42374.dita): remove bullet item and following note.

"Defining users" (cdevcsecure37817.dita): remove bullet item referencing the "BUILTIN Derby users" topic.

"Guest access to search for DNs" (cdevcsecure876908.dita): remove sentence and bullet list about when Derby does not initiate a search (mentions derby.user.UserName).

"BUILTIN Derby users" (cdevcsecure21547.dita): remove this topic and its subtopics "Database-level properties" (cdevcsecure864642.dita) and "System-level properties" (cdevcsecure864692.dita).

"List of user authentication properties" (rdevcsecure557.dita): remove mention of BUILTIN in second row; row on derby.user.UserName property; and note at end.

Reference Manual:

"Derby properties" (crefproper22250.dita): remove link to derby.user.UserName topic.

"derby.authentication.builtin.algorithm" (rrefproperbuiltinalgorithm.dita): remove mention of BUILTIN authentication.

"derby.authentication.builtin.iterations" (rrefproperiterations.dita): remove mention of BUILTIN authentication.

"derby.authentication.builtin.saltLength" (rrefpropersaltlength.dita): remove mention of BUILTIN authentication.

"derby.authentication.provider" (rrefproper13766.dita): removed bullet item on BUILTIN.

Are the topics "SYSCS_UTIL.SYSCS_SET_USER_ACCESS system procedure" (rrefsetuseraccess.dita),  "derby.database.fullAccessUsers" (rrefproper25025.dita), and "derby.database.readOnlyAccessUsers" (rrefproper39325.dita) relevant to non-BUILTIN authentication? The Developer's Guide says they are not relevant "if you use SQL authorization (the default with NATIVE authentication)". Are they relevant to LDAP or class-based authentication? (There are some Dev Guide topics that mention these properties also.)

"derby.user.UserName" (rrefproper27355.dita): remove this topic and its subtopic, "Caching user DNs" (rrefpropercachedn.dita).

"derby.authentication.ldap.searchFilter" (rrefproper37341.dita): remove mention of derby.user property value.


> Remove references to BUILTIN authentication from the user guides
> ----------------------------------------------------------------
>
>                 Key: DERBY-6234
>                 URL: https://issues.apache.org/jira/browse/DERBY-6234
>             Project: Derby
>          Issue Type: Improvement
>          Components: Documentation
>    Affects Versions: 10.11.0.0
>            Reporter: Rick Hillegas
>            Assignee: Kim Haase
>
> BUILTIN authentication is a scheme suitable only for regression tests. Many security problems make it inappropriate for production use. To avoid confusion and prevent users from selecting this insecure authentication scheme, we should remove references to it from our user documentation.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)