You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Sunitha Kambhampati (JIRA)" <de...@db.apache.org> on 2005/05/31 21:24:56 UTC

[jira] Resolved: (DERBY-198) Add Support for network Server USRIDONL security

     [ http://issues.apache.org/jira/browse/DERBY-198?page=all ]
     
Sunitha Kambhampati resolved DERBY-198:
---------------------------------------

    Resolution: Fixed

This fix was committed  with revision 160439 a while ago.
_________

The general flow is
client sends ACCSEC with CodePoint.SECMEC as SECMEC_USRIDONL (4) to use userid only security.
In the ACCSECRD the server sends secmec as SECMEC_USRIDONL which means it supports this security mechanism
Then client sends SECCHK sending only USRID
The server sends a SECCHKRM as normal after validating the userid. This is actually done by trying to obtain a connection from the database.

Changes that went in
-- Recognize CodePoint.SECMEC_USRIDONL sent in for CodePoint.SECMEC as part of the ACCSEC command (DRDAConnThread#parseACCSEC)
-- validate if the right parameters are sent for SECMEC_USRIDONL
-- Change the constant SECCHKCD_SECTKNMISSING to SECCHKCD_SECTKNMISSING_OR_INVALID for clarity. Since this code is sent in cases when the security token is invalid as well as when it is missing.
-- Changes to parseSECCHK to check for only the userid to support SECMEC_USRIDONL 
-- Changes to Database#makeConnection to take care of a null password 



> Add Support for network Server USRIDONL security
> ------------------------------------------------
>
>          Key: DERBY-198
>          URL: http://issues.apache.org/jira/browse/DERBY-198
>      Project: Derby
>         Type: Improvement
>   Components: Network Server
>     Versions: 10.1.0.0
>     Reporter: Kathey Marsden
>     Assignee: Sunitha Kambhampati
>     Priority: Minor
>      Fix For: 10.1.0.0
>  Attachments: Derby198.diff
>
> Currently Network Server supports only two security mechanisms.
> User ID and password  (usridpwd)
> User ID and encrypted password (eusridpwd)
> It would be good to add support for  User ID Only security so that it could more closely match the embedded driver and not always require a password.
> See details of security mechanism implementations in section 4.4.2.1 of 
> DRDA V3 Vol. 1: Distributed Relational Database Architecture 
> http://www.opengroup.org/dbiop/

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira