You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by ch...@apache.org on 2012/05/17 15:53:52 UTC
svn commit: r1339604 - in /db/derby/docs/trunk/src: devguide/cdevcsecure24458.dita devguide/cdevcsecurenativeauth.dita ref/rrefnativecreateuserproc.dita ref/rrefnativedropuserproc.dita ref/rrefnativeresetpasswordproc.dita

Author: chaase3
Date: Thu May 17 13:53:51 2012
New Revision: 1339604

URL: http://svn.apache.org/viewvc?rev=1339604&view=rev
Log:
DERBY-5763  Reference Guide should note the new casing rules for the USERNAME arguments to the NATIVE procedures

Modified 3 Reference Manual and 2 Developer's Guide topics.

Patch: DERBY-5763-2.diff

Modified:
    db/derby/docs/trunk/src/devguide/cdevcsecure24458.dita
    db/derby/docs/trunk/src/devguide/cdevcsecurenativeauth.dita
    db/derby/docs/trunk/src/ref/rrefnativecreateuserproc.dita
    db/derby/docs/trunk/src/ref/rrefnativedropuserproc.dita
    db/derby/docs/trunk/src/ref/rrefnativeresetpasswordproc.dita

Modified: db/derby/docs/trunk/src/devguide/cdevcsecure24458.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/cdevcsecure24458.dita?rev=1339604&r1=1339603&r2=1339604&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/cdevcsecure24458.dita (original)
+++ db/derby/docs/trunk/src/devguide/cdevcsecure24458.dita Thu May 17 13:53:51 2012
@@ -39,12 +39,6 @@ type his name that way.   <codeblock>Con
 <li>Within the <ph conref="../conrefs.dita#prod/productshortname"></ph> user
 authorization system, Fred becomes a case-insensitive authorization identifier.
 Fred is known as <i>FRED</i>.</li>
-<li>When you use the <codeph>SYSCS_UTIL.SYSCS_CREATE_USER</codeph> system
-procedure to create the NATIVE authentication user Fred, you specify his name
-in uppercase to match the way it is stored in the database:
-<codeblock><b>CALL SYSCS_UTIL.SYSCS_CREATE_USER('FRED', 'flintstone');
-</b></codeblock>
-</li>
 </ul>
 <p>Let's take a second example, where Fred has a slightly different name within
 the user authentication system.</p>
@@ -58,12 +52,6 @@ the double quotes when passing the name 
 <li>Within the <ph conref="../conrefs.dita#prod/productshortname"></ph> user
 authorization system, <i>Fred</i> becomes a case-sensitive authorization identifier.
 Fred is known as <i>Fred!</i>.</li>
-<li>When you use the <codeph>SYSCS_UTIL.SYSCS_CREATE_USER</codeph> system
-procedure to create the NATIVE authentication user Fred!, you specify his name
-exactly as it is stored in the database:
-<codeblock><b>CALL SYSCS_UTIL.SYSCS_CREATE_USER('Fred!', 'flintstone');
-</b></codeblock>
-</li>
 </ul>
 <p>As shown in the first example, your external authentication system may
 be case-sensitive, whereas the authorization identifier within <ph conref="../conrefs.dita#prod/productshortname"></ph> may

Modified: db/derby/docs/trunk/src/devguide/cdevcsecurenativeauth.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/devguide/cdevcsecurenativeauth.dita?rev=1339604&r1=1339603&r2=1339604&view=diff
==============================================================================
--- db/derby/docs/trunk/src/devguide/cdevcsecurenativeauth.dita (original)
+++ db/derby/docs/trunk/src/devguide/cdevcsecurenativeauth.dita Thu May 17 13:53:51 2012
@@ -43,9 +43,9 @@ value must be set by using system-wide J
 by using the <codeph>derby.properties</codeph> file; it cannot be set in the
 database by using the <codeph>SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY</codeph>
 procedure. When this system-wide value is set, <i>credentialsDB</i> is used to
-authenticate all operations. Individual databases can override this directive by
-specifying their own value for
-<codeph>derby.authentication.provider</codeph>.</p>
+authenticate all operations. If an individual database holds credentials for the
+database owner, the global credentials database is used only to authenticate
+system-wide operations such as engine shutdown.</p>
 <p>The value of <i>credentialsDB</i> must be a valid name for a database.</p>
 </li>
 <li>NATIVE:<i>credentialsDB</i>:LOCAL
@@ -157,11 +157,10 @@ without it, the procedure is slightly di
 NATIVE:<i>credentialsDB</i> or NATIVE:<i>credentialsDB</i>:LOCAL:</p>
 <ul>
 <li>If you specify NATIVE:<i>credentialsDB</i>, add users of the existing
-database to the <i>credentialsDB</i>. Typically, you would specify uppercase
-user names and case-sensitive passwords. For instance, if the old database was
+database to the <i>credentialsDB</i>. For instance, if the old database was
 created without any authentication, then its default user name is APP, and you
-would do the following:
-<codeblock><b>CALL SYSCS_UTIL.SYSCS_CREATE_USER('APP', 'app');</b></codeblock></li>
+could do the following:
+<codeblock><b>CALL SYSCS_UTIL.SYSCS_CREATE_USER('app', 'app');</b></codeblock></li>
 <li>If you plan to specify NATIVE:<i>credentialsDB</i>:LOCAL, first connect to
 the existing database as its database owner using its old authentication scheme.
 Call <codeph>SYSCS_UTIL.SYSCS_CREATE_USER</codeph> to add credentials for the

Modified: db/derby/docs/trunk/src/ref/rrefnativecreateuserproc.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/rrefnativecreateuserproc.dita?rev=1339604&r1=1339603&r2=1339604&view=diff
==============================================================================
--- db/derby/docs/trunk/src/ref/rrefnativecreateuserproc.dita (original)
+++ db/derby/docs/trunk/src/ref/rrefnativecreateuserproc.dita Thu May 17 13:53:51 2012
@@ -53,7 +53,8 @@ IN PASSWORD VARCHAR(32672))</codeblock> 
 <p>No result set is returned by this procedure.</p>
 <dl><dlentry>
 <dt>USERNAME</dt>
-<dd>A case-sensitive user name. This user name is an authorization identifier.
+<dd>A user name that is case-sensitive if you place the name string in double
+quotes. This user name is an authorization identifier.
 See "Authorization identifiers, user authentication, and user authorization" in
 the <ph conref="../conrefs.dita#pub/citdevelop"></ph> for more information about
 how these names are treated.</dd>
@@ -71,16 +72,27 @@ authentication," "Enabling user authenti
 authorization mode" in the <ph conref="../conrefs.dita#pub/citdevelop"></ph> for
 more information. The database owner can grant access to other users.</p>
 </section>
-<section><title>JDBC example</title> 
+<section><title>JDBC example</title>
+<p>Create a user named FRED:</p>
 <codeblock>CallableStatement cs = conn.prepareCall
 ("CALL SYSCS_UTIL.SYSCS_CREATE_USER(?, ?)");
-cs.setString(1, "FRED");
+cs.setString(1, "fred");
+cs.setString(2, "fredpassword");
+cs.execute();
+cs.close();</codeblock>
+<p>Create a user named FreD:</p>
+<codeblock>CallableStatement cs = conn.prepareCall
+("CALL SYSCS_UTIL.SYSCS_CREATE_USER(?, ?)");
+cs.setString(1, "\"FreD\"");
 cs.setString(2, "fredpassword");
 cs.execute();
 cs.close();</codeblock>
 </section>
 <section><title>SQL example</title>
-<codeblock>CALL SYSCS_UTIL.SYSCS_CREATE_USER('FRED', 'fredpassword')</codeblock>
+<p>Create a user named FRED:</p>
+<codeblock>CALL SYSCS_UTIL.SYSCS_CREATE_USER('fred', 'fredpassword')</codeblock>
+<p>Create a user named FreD:</p>
+<codeblock>CALL SYSCS_UTIL.SYSCS_CREATE_USER('"FreD"', 'fredpassword')</codeblock>
 </section>
 </refbody>
 </reference>

Modified: db/derby/docs/trunk/src/ref/rrefnativedropuserproc.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/rrefnativedropuserproc.dita?rev=1339604&r1=1339603&r2=1339604&view=diff
==============================================================================
--- db/derby/docs/trunk/src/ref/rrefnativedropuserproc.dita (original)
+++ db/derby/docs/trunk/src/ref/rrefnativedropuserproc.dita Thu May 17 13:53:51 2012
@@ -49,7 +49,8 @@ objects.</p>
 <p>No result set is returned by this procedure.</p>
 <dl><dlentry>
 <dt>USERNAME</dt>
-<dd>A case-sensitive user name. This user name is an authorization identifier.
+<dd>A user name that is case-sensitive if you place the name string in double
+quotes. This user name is an authorization identifier.
 See "Authorization identifiers, user authentication, and user authorization" in
 the <ph conref="../conrefs.dita#pub/citdevelop"></ph> for more information about
 how these names are treated. If the user name is that of the database owner,
@@ -66,13 +67,15 @@ authorization mode" in the <ph conref=".
 more information. The database owner can grant access to other users.</p>
 </section>
 <section><title>JDBC example</title> 
+<p>Drop a user named FRED:</p>
 <codeblock>CallableStatement cs = conn.prepareCall
-("CALL SYSCS_UTIL.SYSCS_DROP_USER('FRED')");
+("CALL SYSCS_UTIL.SYSCS_DROP_USER('fred')");
 cs.execute();
 cs.close();</codeblock>
 </section>
 <section><title>SQL example</title>
-<codeblock>CALL SYSCS_UTIL.SYSCS_DROP_USER('FRED')</codeblock>
+<p>Drop a user named FreD:</p>
+<codeblock>CALL SYSCS_UTIL.SYSCS_DROP_USER('"FreD"')</codeblock>
 </section>
 </refbody>
 </reference>

Modified: db/derby/docs/trunk/src/ref/rrefnativeresetpasswordproc.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/ref/rrefnativeresetpasswordproc.dita?rev=1339604&r1=1339603&r2=1339604&view=diff
==============================================================================
--- db/derby/docs/trunk/src/ref/rrefnativeresetpasswordproc.dita (original)
+++ db/derby/docs/trunk/src/ref/rrefnativeresetpasswordproc.dita Thu May 17 13:53:51 2012
@@ -43,7 +43,8 @@ IN PASSWORD VARCHAR(32672))</codeblock> 
 <p>No result set is returned by this procedure.</p>
 <dl><dlentry>
 <dt>USERNAME</dt>
-<dd>A case-sensitive user name. This user name is an authorization identifier.
+<dd>A user name that is case-sensitive if you place the name string in double
+quotes. This user name is an authorization identifier.
 See "Authorization identifiers, user authentication, and user authorization" in
 the <ph conref="../conrefs.dita#pub/citdevelop"></ph> for more information about
 how these names are treated.</dd>
@@ -63,15 +64,26 @@ authorization mode" in the <ph conref=".
 more information. The database owner can grant access to other users.</p>
 </section>
 <section><title>JDBC example</title> 
+<p>Reset the password of a user named FRED:</p>
 <codeblock>CallableStatement cs = conn.prepareCall
 ("CALL SYSCS_UTIL.SYSCS_RESET_PASSWORD(?, ?)");
-cs.setString(1, "FRED");
+cs.setString(1, "fred");
+cs.setString(2, "temppassword");
+cs.execute();
+cs.close();</codeblock>
+<p>Reset the password of a user named FreD:</p>
+<codeblock>CallableStatement cs = conn.prepareCall
+("CALL SYSCS_UTIL.SYSCS_RESET_PASSWORD(?, ?)");
+cs.setString(1, "\"FreD\"");
 cs.setString(2, "temppassword");
 cs.execute();
 cs.close();</codeblock>
 </section>
 <section><title>SQL example</title>
-<codeblock>CALL SYSCS_UTIL.SYSCS_RESET_PASSWORD('FRED', 'temppassword')</codeblock>
+<p>Reset the password of a user named FRED:</p>
+<codeblock>CALL SYSCS_UTIL.SYSCS_RESET_PASSWORD('fred', 'temppassword')</codeblock>
+<p>Reset the password of a user named FreD:</p>
+<codeblock>CALL SYSCS_UTIL.SYSCS_RESET_PASSWORD('"FreD"', 'temppassword')</codeblock>
 </section>
 </refbody>
 </reference>