You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by be...@apache.org on 2007/07/05 11:03:58 UTC

svn commit: r553428 - in /db/derby/docs/trunk/src/adminguide: cadminapps811695.dita cadminappsclientsecurity.dita derbyadmin.ditamap tadminapps811695.dita

Author: bernt
Date: Thu Jul  5 02:03:57 2007
New Revision: 553428

URL: http://svn.apache.org/viewvc?view=rev&rev=553428
Log:
DERBY-2837 Update docs on STRONG_PASSWORD_SUBSTITUTE_SECURITY/ENCRYPTED_USER_AND_PASSWORD_SECURITY and JCE support

Added:
    db/derby/docs/trunk/src/adminguide/cadminapps811695.dita
      - copied, changed from r552430, db/derby/docs/trunk/src/adminguide/tadminapps811695.dita
Removed:
    db/derby/docs/trunk/src/adminguide/tadminapps811695.dita
Modified:
    db/derby/docs/trunk/src/adminguide/cadminappsclientsecurity.dita
    db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap

Copied: db/derby/docs/trunk/src/adminguide/cadminapps811695.dita (from r552430, db/derby/docs/trunk/src/adminguide/tadminapps811695.dita)
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/cadminapps811695.dita?view=diff&rev=553428&p1=db/derby/docs/trunk/src/adminguide/tadminapps811695.dita&r1=552430&p2=db/derby/docs/trunk/src/adminguide/cadminapps811695.dita&r2=553428
==============================================================================
--- db/derby/docs/trunk/src/adminguide/tadminapps811695.dita (original)
+++ db/derby/docs/trunk/src/adminguide/cadminapps811695.dita Thu Jul  5 02:03:57 2007
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
- "../dtd/task.dtd">
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
 <!-- 
 Licensed to the Apache Software Foundation (ASF) under one or more
 contributor license agreements.  See the NOTICE file distributed with
@@ -17,7 +17,7 @@
 See the License for the specific language governing permissions and  
 limitations under the License.
 -->
-<task id="tadminapps811695" xml:lang="en-us">
+<concept id="cadminapps811695" xml:lang="en-us">
 <title>Enabling the encrypted user ID and password security mechanism</title>
 <prolog><metadata>
 <keywords><indexterm>Encrypted User ID and password<indexterm>using with Network
@@ -26,37 +26,23 @@
 <indexterm>ibmpkderby.jar</indexterm><indexterm>ibmpkcs11.jar</indexterm>
 </keywords>
 </metadata></prolog>
-<taskbody>
-<context> <p>To use the encrypted user ID and password security mechanism,
-you need IBM JCE (Java Cryptography Extension) 1.2.1 or later. You can use
-it with any version of IBM or Sun's <ph><tm tmclass="special" tmowner="Sun Microsystems, Inc."
+<conbody>
+<p>To use the encrypted user ID and password security mechanism,
+you need a Java environment whith an JCE (Java Cryptography Extension)
+which supports the Diffie-Hellman algorithm with a public prime of
+256 bits. Sun's <ph><tm tmclass="special" tmowner="Sun Microsystems, Inc."
 tmtype="tm" trademark="Java">Java</tm> 2 Platform, Standard Edition, Version
-1.2 (J2SE)</ph>.</p><p>IBM Developer Kit for the Java Platform 1.4 or later
-comes with IBM JCE, so you do not need to install IBM JCE separately. If you
-have an earlier version of IBM Developer Kit for the Java Platform or other
-Software Development Kits, complete the following steps:</p></context>
-<steps>
-<step><cmd>Copy the following IBM JCE jar files to the jre/lib/ext directory
-of the IBM SDK's installation home:</cmd><info><ul>
-<li>ibmjceprovider.jar</li>
-<li>ibmjcefw.jar</li>
-<li>ibmpkderby.jar</li>
-<li>ibmpkcs11.jar</li>
-</ul></info></step>
-<step><cmd>Modify the java.security file in the jre/lib/security directory.
-In the section that lists providers (and preference order), replace the text
-with:</cmd><info><codeblock>security.provider.1=sun.security.provider.Sun
-security.provider.2=com.ibm.crypto.provider.IBMJCE</codeblock><p><note>If
-you are installing the IBM JCE on a Sun Java Development Kit, you must specify
-both of these lines in the order shown.</note></p></info></step>
-<step><cmd>To use the encrypted user id and password security mechanism during
+1.4 (J2SE)</ph> and later requires a public prime of 512 bits or
+more. An alternative mechanism if the 256 bit public prime is not
+supported, is <i>STRONG_PASSWORD_SUBSTITUTE_SECURITY</i>.
+</p>
+<p>To use the encrypted user id and password security mechanism during
 JDBC connection using the network client, specify the <codeph>securityMechanism</codeph> in
-the connection property. </cmd><info>If an encrypted database is booted in
+the connection property. <note>If an encrypted database is booted in
 the Network Server, users can connect to the database without giving the <codeph>bootPassword</codeph>.
 The first connection to the database must provide the <codeph>bootPassword</codeph>,
 but all subsequent connections do not need to supply it. To remove access
 from the encrypted database, use the <codeph>shutdown=true</codeph> option
-to shut down the database.</info></step>
-</steps>
-</taskbody>
-</task>
+to shut down the database.</note></p>
+</conbody>
+</concept>

Modified: db/derby/docs/trunk/src/adminguide/cadminappsclientsecurity.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/cadminappsclientsecurity.dita?view=diff&rev=553428&r1=553427&r2=553428
==============================================================================
--- db/derby/docs/trunk/src/adminguide/cadminappsclientsecurity.dita (original)
+++ db/derby/docs/trunk/src/adminguide/cadminappsclientsecurity.dita Thu Jul  5 02:03:57 2007
@@ -73,7 +73,7 @@
 <entry colname="col2">ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY
 (0x09)</entry>
 <entry colname="col3">Encryption requires a JCE implementation that supports
-the Diffie-Helman algorithm with a prime of 32 bytes.</entry>
+the Diffie-Hellman algorithm with a public prime of 256 bits.</entry>
 </row>
 </tbody>
 </tgroup>

Modified: db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap?view=diff&rev=553428&r1=553427&r2=553428
==============================================================================
--- db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap (original)
+++ db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap Thu Jul  5 02:03:57 2007
@@ -135,7 +135,7 @@
 </topicref>
 <topicref href="cadminapps811656.dita" navtitle="Network Server user authentication when user authentication is off
 in Derby"></topicref>
-<topicref href="tadminapps811695.dita" navtitle="Enabling the encrypted user ID and password security mechanism">
+<topicref href="cadminapps811695.dita" navtitle="Enabling the encrypted user ID and password security mechanism">
 </topicref>
 </topicref>
 <topicref href="cadminappsjdbcdiffs.dita" navtitle="Differences in JDBC 3.0 methods">