Derby
  1. Derby
  2. DERBY-5653

We should document that the NetServlet is a testing tool and not appropriate for production use.

    Details

    • Urgency:
      Normal
    • Bug behavior facts:
      Security

      Description

      The NetServlet does not require credentials in order to bring the server up and down (or for any operations for that matter). See DERBY-5401. This lack of security makes the NetServlet unsuited for production use. We should document that NetServlet is only appropriate for testing purposes.

      1. DERBY-5653.zip
        27 kB
        Kim Haase
      2. DERBY-5653.stat
        0.6 kB
        Kim Haase
      3. DERBY-5653.diff
        11 kB
        Kim Haase

        Issue Links

          Activity

          Hide
          Myrna van Lunteren added a comment -

          Would it perhaps make sense to move the netservlet to the demos instead?

          Show
          Myrna van Lunteren added a comment - Would it perhaps make sense to move the netservlet to the demos instead?
          Hide
          Kim Haase added a comment -

          I assume NetServlet == "the servlet interface", which is documented only in the Admin Guide. The documentation itself consists of just a few topics, but there are references and cross-references in a number of topics (listed below). Would it make sense to remove the references to it, as well as to add warnings to the section where it is documented?

          cadminpreface23947.dita How this guide is organized (mention, xref only)
          cadminov825266.dita The Derby Network Server (mention, xref only)

          tadminconfigsysteminformation.dita Obtaining system information (mention only)
          tadminconfig815822.dita Obtaining Network Server properties by using the getCurrent Properties method (mention, xref only)

          cadminconfig86869.dita Managing the Derby Network Server (mention, xref only)

          radminconfigdb2jdrdalogconnections.dita derby.drda.logConnections property (mention only)
          radmindrdaStreamOutBufferSize.dita derby.drda.streamOutBufferSize property (mention only)
          radminconfig.dita derby.drda.traceAll property (mention only)
          radminconfigdb2jdrdatracedirectory.dita derby.drda.traceDirectory property (mention only)

          cadminservlet98430.dita Managing the Derby Network Server remotely by using the servlet interface: main documentation, with subtopics radminservlet810694.dita, radminservlet810717.dita, radminservlet810796.dita, radminservlet810822.dita, radminservlet810910.dita

          tadminconfiguringthenetworkserver.dita Configuring the Network Server to handle connections (mention only)
          tadminlogfile.dita Controlling logging by using the log file (mention only)
          tadmintracefacility.dita Controlling tracing by using the trace facility (mention, xref only)

          Show
          Kim Haase added a comment - I assume NetServlet == "the servlet interface", which is documented only in the Admin Guide. The documentation itself consists of just a few topics, but there are references and cross-references in a number of topics (listed below). Would it make sense to remove the references to it, as well as to add warnings to the section where it is documented? cadminpreface23947.dita How this guide is organized (mention, xref only) cadminov825266.dita The Derby Network Server (mention, xref only) tadminconfigsysteminformation.dita Obtaining system information (mention only) tadminconfig815822.dita Obtaining Network Server properties by using the getCurrent Properties method (mention, xref only) cadminconfig86869.dita Managing the Derby Network Server (mention, xref only) radminconfigdb2jdrdalogconnections.dita derby.drda.logConnections property (mention only) radmindrdaStreamOutBufferSize.dita derby.drda.streamOutBufferSize property (mention only) radminconfig.dita derby.drda.traceAll property (mention only) radminconfigdb2jdrdatracedirectory.dita derby.drda.traceDirectory property (mention only) cadminservlet98430.dita Managing the Derby Network Server remotely by using the servlet interface: main documentation, with subtopics radminservlet810694.dita, radminservlet810717.dita, radminservlet810796.dita, radminservlet810822.dita, radminservlet810910.dita tadminconfiguringthenetworkserver.dita Configuring the Network Server to handle connections (mention only) tadminlogfile.dita Controlling logging by using the log file (mention only) tadmintracefacility.dita Controlling tracing by using the trace facility (mention, xref only)
          Hide
          Rick Hillegas added a comment -

          Hi Myrna,

          I agree that this program belongs with the demos. However, somehow I got the impression that people were actually using it in production. That may create some backward compatibility issues if we move it.

          Thanks,
          -Rick

          Show
          Rick Hillegas added a comment - Hi Myrna, I agree that this program belongs with the demos. However, somehow I got the impression that people were actually using it in production. That may create some backward compatibility issues if we move it. Thanks, -Rick
          Hide
          Rick Hillegas added a comment -

          Hi Kim,

          Removing those other references sounds like a good plan. Thanks.

          Show
          Rick Hillegas added a comment - Hi Kim, Removing those other references sounds like a good plan. Thanks.
          Hide
          Kim Haase added a comment -

          Attaching DERBY-5653.diff, DERBY-5653.stat, and DERBY-5653.zip, with changes to the following files:

          M src/adminguide/cadminpreface23947.dita
          M src/adminguide/cadminov825266.dita
          M src/adminguide/tadminconfigsysteminformation.dita
          M src/adminguide/tadminconfig815822.dita
          M src/adminguide/cadminconfig86869.dita
          M src/adminguide/radminconfigdb2jdrdalogconnections.dita
          M src/adminguide/radmindrdaStreamOutBufferSize.dita
          M src/adminguide/radminconfig.dita
          M src/adminguide/radminconfigdb2jdrdatracedirectory.dita
          M src/adminguide/cadminservlet98430.dita
          M src/adminguide/tadminconfiguringthenetworkserver.dita
          M src/adminguide/tadminlogfile.dita
          M src/adminguide/tadmintracefacility.dita

          This patch removes most of the references to the servlet interface. It retains the documentation itself, with a warning, and the mention of it in "How this guide is organized", also with a warning.

          Show
          Kim Haase added a comment - Attaching DERBY-5653 .diff, DERBY-5653 .stat, and DERBY-5653 .zip, with changes to the following files: M src/adminguide/cadminpreface23947.dita M src/adminguide/cadminov825266.dita M src/adminguide/tadminconfigsysteminformation.dita M src/adminguide/tadminconfig815822.dita M src/adminguide/cadminconfig86869.dita M src/adminguide/radminconfigdb2jdrdalogconnections.dita M src/adminguide/radmindrdaStreamOutBufferSize.dita M src/adminguide/radminconfig.dita M src/adminguide/radminconfigdb2jdrdatracedirectory.dita M src/adminguide/cadminservlet98430.dita M src/adminguide/tadminconfiguringthenetworkserver.dita M src/adminguide/tadminlogfile.dita M src/adminguide/tadmintracefacility.dita This patch removes most of the references to the servlet interface. It retains the documentation itself, with a warning, and the mention of it in "How this guide is organized", also with a warning.
          Hide
          Rick Hillegas added a comment -

          Thanks, Kim. These changes look good to me. +1

          Show
          Rick Hillegas added a comment - Thanks, Kim. These changes look good to me. +1
          Hide
          Kim Haase added a comment -

          Thanks, Rick!

          Committed patch DERBY-5653.diff to documentation trunk at revision 1325511.

          Show
          Kim Haase added a comment - Thanks, Rick! Committed patch DERBY-5653 .diff to documentation trunk at revision 1325511.
          Hide
          Kim Haase added a comment -

          Changes have appeard in Latest Alpha Manuals.

          Show
          Kim Haase added a comment - Changes have appeard in Latest Alpha Manuals.

            People

            • Assignee:
              Kim Haase
              Reporter:
              Rick Hillegas
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development