You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Sunitha Kambhampati (JIRA)" <de...@db.apache.org> on 2006/02/13 11:15:24 UTC
[jira] Created: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Allow user friendly string values for security mechanism in client connection url.
-----------------------------------------------------------------------------------
Key: DERBY-963
URL: http://issues.apache.org/jira/browse/DERBY-963
Project: Derby
Type: Improvement
Components: Newcomer, Network Client
Versions: 10.2.0.0, 10.0.2.2, 10.1.3.0, 10.1.2.3, 10.1.1.0, 10.1.1.1, 10.1.1.2, 10.1.2.0, 10.1.2.2, 10.0.2.1, 10.0.2.0, 10.1.2.1
Reporter: Sunitha Kambhampati
Priority: Minor
Overview:
DRDA spec specifies the following secmec (securitymechanism) values.
USRIDONL = 4
USRIDPWD = 3
EUSRIDPWD = 9
Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
Constants are
ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
ClientDataSource.USER_ONLY_SECURITY (0x04)
ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
--------
To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Assigned: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Posted by "Anders Morken (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-963?page=all ]
Anders Morken reassigned DERBY-963:
-----------------------------------
Assign To: Anders Morken
> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
> Key: DERBY-963
> URL: http://issues.apache.org/jira/browse/DERBY-963
> Project: Derby
> Type: Improvement
> Components: Newcomer, Network Client
> Versions: 10.2.0.0, 10.0.2.2, 10.1.3.0, 10.1.2.3, 10.1.1.0, 10.1.1.1, 10.1.1.2, 10.1.2.0, 10.1.2.2, 10.0.2.1, 10.0.2.0, 10.1.2.1
> Reporter: Sunitha Kambhampati
> Assignee: Anders Morken
> Priority: Minor
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Posted by "Anders Morken (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-963?page=comments#action_12418721 ]
Anders Morken commented on DERBY-963:
-------------------------------------
I've actually had a patch for this in my trunk checkout for a while, but it's been forgotten and rotting away as I haven't yet, uhm, "found the inspiration" to write regression tests and doc patches for it. I'll see about it soon. =)
> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
> Key: DERBY-963
> URL: http://issues.apache.org/jira/browse/DERBY-963
> Project: Derby
> Type: Improvement
> Components: Newcomer, Network Client
> Versions: 10.0.2.0, 10.0.2.1, 10.0.2.2, 10.1.1.0, 10.2.0.0, 10.1.2.0, 10.1.1.1, 10.1.1.2, 10.1.2.1, 10.1.3.0, 10.1.2.2, 10.1.2.3
> Reporter: Sunitha Kambhampati
> Assignee: Anders Morken
> Priority: Minor
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Posted by "Anders Morken (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-963?page=comments#action_12375834 ]
Anders Morken commented on DERBY-963:
-------------------------------------
This can be fixed in o.a.derby.jdbc.ClientBaseDataSource#getSecurityMechanism(Properties properties), right? I'll give it a try. =)
> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
> Key: DERBY-963
> URL: http://issues.apache.org/jira/browse/DERBY-963
> Project: Derby
> Type: Improvement
> Components: Newcomer, Network Client
> Versions: 10.2.0.0, 10.0.2.2, 10.1.3.0, 10.1.2.3, 10.1.1.0, 10.1.1.1, 10.1.1.2, 10.1.2.0, 10.1.2.2, 10.0.2.1, 10.0.2.0, 10.1.2.1
> Reporter: Sunitha Kambhampati
> Assignee: Anders Morken
> Priority: Minor
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Posted by "Anders Morken (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-963?page=comments#action_12449281 ]
Anders Morken commented on DERBY-963:
-------------------------------------
Thanks for taking a look at the patch, Knut Anders and John. As you might have noticed in my "patch - committer feedback - new patch" roundtrip times, I'm not in any particular hurry. ;-) (Actually I've got a final refinement for DERBY-801 tested and ready in my working copy... just haven't posted it here yet. =)
I'll see if I can throw together an updated patch - as I mentioned earlier, it needs doc and test suite updates as well to be of any use. =)
> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
> Key: DERBY-963
> URL: http://issues.apache.org/jira/browse/DERBY-963
> Project: Derby
> Issue Type: Improvement
> Components: Newcomer, Network Client
> Affects Versions: 10.2.1.6, 10.0.2.2, 10.1.1.0, 10.1.3.1, 10.0.2.1, 10.0.2.0, 10.1.2.1
> Reporter: Sunitha Kambhampati
> Assigned To: Anders Morken
> Priority: Minor
> Attachments: DERBY-963-code-v1.patch
>
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Assigned: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Posted by "Kathey Marsden (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kathey Marsden reassigned DERBY-963:
------------------------------------
Assignee: (was: Anders Morken)
> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
> Key: DERBY-963
> URL: https://issues.apache.org/jira/browse/DERBY-963
> Project: Derby
> Issue Type: Improvement
> Components: Network Client, Newcomer
> Affects Versions: 10.0.2.0, 10.0.2.1, 10.0.2.2, 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6
> Reporter: Sunitha Kambhampati
> Priority: Minor
> Attachments: DERBY-963-code-v1.patch
>
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> USRSSBPWD = 8
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.STRONG_PASSWORD_SUBSTITUTE_SECURITY (0x08)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Posted by "John H. Embretsen (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-963?page=comments#action_12449276 ]
John H. Embretsen commented on DERBY-963:
-----------------------------------------
It would be nice if the new (in 10.2) STRONG_PASSWORD_SUBSTITUTE_SECURITY (USRSSBPWD, 0x08) could be included as well :)
> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
> Key: DERBY-963
> URL: http://issues.apache.org/jira/browse/DERBY-963
> Project: Derby
> Issue Type: Improvement
> Components: Newcomer, Network Client
> Affects Versions: 10.2.1.6, 10.0.2.2, 10.1.1.0, 10.1.3.1, 10.0.2.1, 10.0.2.0, 10.1.2.1
> Reporter: Sunitha Kambhampati
> Assigned To: Anders Morken
> Priority: Minor
> Attachments: DERBY-963-code-v1.patch
>
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Posted by "Andrew McIntyre (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-963?page=all ]
Andrew McIntyre updated DERBY-963:
----------------------------------
Derby Info: [Patch Available]
> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
> Key: DERBY-963
> URL: http://issues.apache.org/jira/browse/DERBY-963
> Project: Derby
> Issue Type: Improvement
> Components: Newcomer, Network Client
> Affects Versions: 10.2.1.5, 10.0.2.2, 10.1.3.0, 10.1.2.3, 10.1.1.0, 10.1.1.1, 10.1.1.2, 10.1.2.0, 10.1.2.2, 10.0.2.1, 10.0.2.0, 10.1.2.1
> Reporter: Sunitha Kambhampati
> Assigned To: Anders Morken
> Priority: Minor
> Attachments: DERBY-963-code-v1.patch
>
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-963?page=comments#action_12449165 ]
Knut Anders Hatlen commented on DERBY-963:
------------------------------------------
Wow! Almost five months since the patch was submitted, and no comments yet! Sorry about that! :(
I think the suggested patch looks good. My only comment is that I'm not sure ClientBaseDataSource.getSecurityMechanism(java.util.Properties) should throw client.am.SqlException since it is part of our public API. java.sql.SQLException would perhaps have been better. But to be frank, I don't understand why getSecurityMechanism(Properties) is part of our public API in the first place.
> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
> Key: DERBY-963
> URL: http://issues.apache.org/jira/browse/DERBY-963
> Project: Derby
> Issue Type: Improvement
> Components: Newcomer, Network Client
> Affects Versions: 10.2.1.6, 10.0.2.2, 10.1.1.0, 10.1.3.1, 10.0.2.1, 10.0.2.0, 10.1.2.1
> Reporter: Sunitha Kambhampati
> Assigned To: Anders Morken
> Priority: Minor
> Attachments: DERBY-963-code-v1.patch
>
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Posted by "Anders Morken (JIRA)" <de...@db.apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-963?page=all ]
Anders Morken updated DERBY-963:
--------------------------------
Attachment: DERBY-963-code-v1.patch
This (DERBY-963-code-v1.patch) is a first take at enabling more user friendly security mechanism names in the connection properties. Needs regression tests and doc updates to be of any value to users, though - but if someone takes a look at it and decides whether this is the right way to do it and the right place to do it that would be useful anyway. =)
> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
> Key: DERBY-963
> URL: http://issues.apache.org/jira/browse/DERBY-963
> Project: Derby
> Type: Improvement
> Components: Newcomer, Network Client
> Versions: 10.0.2.0, 10.0.2.1, 10.0.2.2, 10.1.1.0, 10.2.0.0, 10.1.2.0, 10.1.1.1, 10.1.1.2, 10.1.2.1, 10.1.3.0, 10.1.2.2, 10.1.2.3
> Reporter: Sunitha Kambhampati
> Assignee: Anders Morken
> Priority: Minor
> Attachments: DERBY-963-code-v1.patch
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (DERBY-963) Allow user friendly string values for
security mechanism in client connection url.
Posted by "Anders Morken (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DERBY-963?page=all ]
Anders Morken updated DERBY-963:
--------------------------------
Description:
Overview:
DRDA spec specifies the following secmec (securitymechanism) values.
USRIDONL = 4
USRIDPWD = 3
USRSSBPWD = 8
EUSRIDPWD = 9
Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
Constants are
ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
ClientDataSource.USER_ONLY_SECURITY (0x04)
ClientDataSource.STRONG_PASSWORD_SUBSTITUTE_SECURITY (0x08)
ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
--------
To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
was:
Overview:
DRDA spec specifies the following secmec (securitymechanism) values.
USRIDONL = 4
USRIDPWD = 3
EUSRIDPWD = 9
Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
Constants are
ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
ClientDataSource.USER_ONLY_SECURITY (0x04)
ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
--------
To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
Derby Info: (was: [Patch Available])
Updating description to add new the new security mechanism to the spec, and unsetting the patch available flag. New and improved patch coming later. =)
> Allow user friendly string values for security mechanism in client connection url.
> ----------------------------------------------------------------------------------
>
> Key: DERBY-963
> URL: http://issues.apache.org/jira/browse/DERBY-963
> Project: Derby
> Issue Type: Improvement
> Components: Newcomer, Network Client
> Affects Versions: 10.2.1.6, 10.0.2.2, 10.1.1.0, 10.1.3.1, 10.0.2.1, 10.0.2.0, 10.1.2.1
> Reporter: Sunitha Kambhampati
> Assigned To: Anders Morken
> Priority: Minor
> Attachments: DERBY-963-code-v1.patch
>
>
> Overview:
> DRDA spec specifies the following secmec (securitymechanism) values.
> USRIDONL = 4
> USRIDPWD = 3
> USRSSBPWD = 8
> EUSRIDPWD = 9
> Currently in the client url, one would have to pass in the integer value for securityMechanism. e.g.
> ij>connect 'testdb;securityMechanism=9;user=sa;password=p1';
> when using the datasource, the setSecurityMechanism(int) on the ClientDataSource can be used.
> Constants are
> ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY (0x03)
> ClientDataSource.USER_ONLY_SECURITY (0x04)
> ClientDataSource.STRONG_PASSWORD_SUBSTITUTE_SECURITY (0x08)
> ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY (0x09)
> Add support in client to recognize the user friendly names for the securityMechanism attribute. The values that should be accepted are CLEAR_TEXT_PASSWORD_SECURITY, USER_ONLY_SECURITY, ENCRYPTED_USER_AND_PASSWORD_SECURITY.
> --------
> To ensure that the old applications that were written to pass in an integer value for securityMechanism do not break with the new client , the client should probably support both the integer values as well as the string values.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira