You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Sunitha Kambhampati (JIRA)" <de...@db.apache.org> on 2005/05/31 21:24:56 UTC
[jira] Resolved: (DERBY-198) Add Support for network Server USRIDONL security
[ http://issues.apache.org/jira/browse/DERBY-198?page=all ]
Sunitha Kambhampati resolved DERBY-198:
---------------------------------------
Resolution: Fixed
This fix was committed with revision 160439 a while ago.
_________
The general flow is
client sends ACCSEC with CodePoint.SECMEC as SECMEC_USRIDONL (4) to use userid only security.
In the ACCSECRD the server sends secmec as SECMEC_USRIDONL which means it supports this security mechanism
Then client sends SECCHK sending only USRID
The server sends a SECCHKRM as normal after validating the userid. This is actually done by trying to obtain a connection from the database.
Changes that went in
-- Recognize CodePoint.SECMEC_USRIDONL sent in for CodePoint.SECMEC as part of the ACCSEC command (DRDAConnThread#parseACCSEC)
-- validate if the right parameters are sent for SECMEC_USRIDONL
-- Change the constant SECCHKCD_SECTKNMISSING to SECCHKCD_SECTKNMISSING_OR_INVALID for clarity. Since this code is sent in cases when the security token is invalid as well as when it is missing.
-- Changes to parseSECCHK to check for only the userid to support SECMEC_USRIDONL
-- Changes to Database#makeConnection to take care of a null password
> Add Support for network Server USRIDONL security
> ------------------------------------------------
>
> Key: DERBY-198
> URL: http://issues.apache.org/jira/browse/DERBY-198
> Project: Derby
> Type: Improvement
> Components: Network Server
> Versions: 10.1.0.0
> Reporter: Kathey Marsden
> Assignee: Sunitha Kambhampati
> Priority: Minor
> Fix For: 10.1.0.0
> Attachments: Derby198.diff
>
> Currently Network Server supports only two security mechanisms.
> User ID and password (usridpwd)
> User ID and encrypted password (eusridpwd)
> It would be good to add support for User ID Only security so that it could more closely match the embedded driver and not always require a password.
> See details of security mechanism implementations in section 4.4.2.1 of
> DRDA V3 Vol. 1: Distributed Relational Database Architecture
> http://www.opengroup.org/dbiop/
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira