db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mi...@apache.org
Subject svn commit: r439775 - in /db/derby/code/trunk/java: client/org/apache/derby/jdbc/ testing/org/apache/derbyTesting/functionTests/master/DerbyNetClient/ibm14/ testing/org/apache/derbyTesting/functionTests/tests/derbynet/
Date Sun, 03 Sep 2006 13:21:34 GMT
Author: mikem
Date: Sun Sep  3 06:21:33 2006
New Revision: 439775

URL: http://svn.apache.org/viewvc?rev=439775&view=rev
Log:
DERBY-1756
patch Derby1756.2.diff.txt contributed by Sunitha Kambhampati

with derby-962 changes, if client jvm supports EUSRIDPWD then the client would 
use EUSRIDPWD as the security mechanism. But it is possible that the server jvm
might not support EUSRIDPWD and the connection can fail.
When DERBY-1517, DERBY-1755 is fixed, there might be a way to use EUSRIDPWD 
when both client and server vm's have support for it.

This patch does the following:
o Do not use EUSRIDPWD as the default security mechanism even if the client vm can support
it.
o Fix comments in testSecMec.java.
o Existing tests in testSecMec.java cover this codepath and the master file 
output reflects the changes made. Note, only the ibm14 client master file has 
changed since only ibm141 and greater jvms come with jce that can support 
eusridpwd.



Modified:
    db/derby/code/trunk/java/client/org/apache/derby/jdbc/ClientBaseDataSource.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/DerbyNetClient/ibm14/testSecMec.out
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/testSecMec.java

Modified: db/derby/code/trunk/java/client/org/apache/derby/jdbc/ClientBaseDataSource.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/client/org/apache/derby/jdbc/ClientBaseDataSource.java?rev=439775&r1=439774&r2=439775&view=diff
==============================================================================
--- db/derby/code/trunk/java/client/org/apache/derby/jdbc/ClientBaseDataSource.java (original)
+++ db/derby/code/trunk/java/client/org/apache/derby/jdbc/ClientBaseDataSource.java Sun Sep
 3 06:21:33 2006
@@ -277,10 +277,7 @@
      * possibilities. USRIDPWD, EUSRIDPWD and USRSSBPWD require a password, USRIDONL
      * is the only security mechanism which does not require password.
      * 1. if password is not available, then security mechanism possible is USRIDONL
-     * 2. if password is available, if client supports EUSRIDPWD, then EUSRIDPWD is 
-     * returned
-     * 3. if password is available, if client does not support EUSRIDPWD, then
-     * USRIDPWD is returned.
+     * 2. if password is available,then USRIDPWD is returned.
      *
      * @param password password argument 
      * @return upgraded security mechanism if possible
@@ -291,14 +288,16 @@
         if ( password == null )
             return propertyDefault_securityMechanism;
 
-        // if password is available, then a security mechanism is picked in
-        // following order if support is available.
-        // 1. EUSRIDPWD
-        // 2. USRIDPWD
         // when we have support for more security mechanisms on server 
         // and client, we should update this upgrade logic to pick 
         // secure security mechanisms before trying out the USRIDPWD
         
+        /*
+        // -----------------------
+        // PLEASE NOTE: 
+        // When DERBY-1517, DERBY-1755 is fixed, there might be a way to use EUSRIDPWD 
+        // when both client and server vm's have support for it. Hence the below
+        // if statement is commented out.
         if (SUPPORTS_EUSRIDPWD)
             return (short)NetConfiguration.SECMEC_EUSRIDPWD;
         else 
@@ -312,7 +311,9 @@
             // exception, as described in DERBY-926).
             // 
             // return (short)NetConfiguration.SECMEC_USRSSBPWD;
-            return (short)NetConfiguration.SECMEC_USRIDPWD;
+         // ----------------------
+         */
+         return (short)NetConfiguration.SECMEC_USRIDPWD;
 
     }
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/DerbyNetClient/ibm14/testSecMec.out
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/DerbyNetClient/ibm14/testSecMec.out?rev=439775&r1=439774&r2=439775&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/DerbyNetClient/ibm14/testSecMec.out
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/DerbyNetClient/ibm14/testSecMec.out
Sun Sep  3 06:21:33 2006
@@ -130,7 +130,7 @@
 T4: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;password=lee;securityMechanism=3
 T1: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat - EXCEPTION Connection
authentication failure occurred.  Reason: security mechanism not supported.
 T2: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=max - EXCEPTION Connection
authentication failure occurred.  Reason: security mechanism not supported.
-T3: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;password=lee
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
+T3: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;password=lee
 T5: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;password=lee;securityMechanism=9
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
 T6: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;securityMechanism=4
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
 T8: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;password=lee;securityMechanism=4
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
@@ -142,8 +142,8 @@
 withConnectionPooling
 DERBY-1080  EXCEPTION ()  Connection authentication failure occurred.  Reason: security mechanism
not supported.
 ******testAllCombinationsOfUserPasswordsSecMecInput***
-Test: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=calvin;password=hobbes
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
-TEST_DS(user=calvin;password=hobbes)EXCEPTION getDataSourceConnection()  Connection authentication
failure occurred.  Reason: security mechanism not supported.
+Test: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=calvin;password=hobbes
+TEST_DS(user=calvin;password=hobbes) OK
 # jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=calvin;password=hobbes;securityMechanism=4
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
 TEST_DS (user=calvin;password=hobbes,securityMechanism=4)EXCEPTION testSecurityMechanism()
 Connection authentication failure occurred.  Reason: security mechanism not supported.
 # jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=calvin;password=hobbes;securityMechanism=3
@@ -162,8 +162,8 @@
 TEST_DS (user=calvin,securityMechanism=9)EXCEPTION testSecurityMechanism()  Password can
not be null.
 # jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=calvin;securityMechanism=8
- EXCEPTION Password can not be null.
 TEST_DS (user=calvin,securityMechanism=8)EXCEPTION testSecurityMechanism()  Password can
not be null.
-Test: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;password=hobbes - EXCEPTION
Connection authentication failure occurred.  Reason: security mechanism not supported.
-TEST_DS(password=hobbes)EXCEPTION getDataSourceConnection()  Connection authentication failure
occurred.  Reason: security mechanism not supported.
+Test: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;password=hobbes
+TEST_DS(password=hobbes) OK
 # jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;password=hobbes;securityMechanism=4
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
 TEST_DS (password=hobbes,securityMechanism=4)EXCEPTION testSecurityMechanism()  Connection
authentication failure occurred.  Reason: security mechanism not supported.
 # jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;password=hobbes;securityMechanism=3
@@ -188,7 +188,7 @@
 T4: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;password=lee;securityMechanism=3
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
 T1: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat - EXCEPTION Connection
authentication failure occurred.  Reason: security mechanism not supported.
 T2: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=max - EXCEPTION Connection
authentication failure occurred.  Reason: security mechanism not supported.
-T3: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;password=lee
+T3: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;password=lee
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
 T5: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;password=lee;securityMechanism=9
 T6: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;securityMechanism=4
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
 T8: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=neelima;password=lee;securityMechanism=4
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
@@ -201,8 +201,8 @@
  query ok 
 OK
 ******testAllCombinationsOfUserPasswordsSecMecInput***
-Test: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=calvin;password=hobbes
-TEST_DS(user=calvin;password=hobbes) OK
+Test: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=calvin;password=hobbes
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
+TEST_DS(user=calvin;password=hobbes)EXCEPTION getDataSourceConnection()  Connection authentication
failure occurred.  Reason: security mechanism not supported.
 # jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=calvin;password=hobbes;securityMechanism=4
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
 TEST_DS (user=calvin;password=hobbes,securityMechanism=4)EXCEPTION testSecurityMechanism()
 Connection authentication failure occurred.  Reason: security mechanism not supported.
 # jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=calvin;password=hobbes;securityMechanism=3
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
@@ -221,8 +221,8 @@
 TEST_DS (user=calvin,securityMechanism=9)EXCEPTION testSecurityMechanism()  Password can
not be null.
 # jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;user=calvin;securityMechanism=8
- EXCEPTION Password can not be null.
 TEST_DS (user=calvin,securityMechanism=8)EXCEPTION testSecurityMechanism()  Password can
not be null.
-Test: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;password=hobbes
-TEST_DS(password=hobbes) OK
+Test: jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;password=hobbes - EXCEPTION
Connection authentication failure occurred.  Reason: security mechanism not supported.
+TEST_DS(password=hobbes)EXCEPTION getDataSourceConnection()  Connection authentication failure
occurred.  Reason: security mechanism not supported.
 # jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;password=hobbes;securityMechanism=4
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.
 TEST_DS (password=hobbes,securityMechanism=4)EXCEPTION testSecurityMechanism()  Connection
authentication failure occurred.  Reason: security mechanism not supported.
 # jdbc:derby://xxxFILTERED_HOSTNAMExxx:xxxFILTEREDPORTxxx/wombat;password=hobbes;securityMechanism=3
- EXCEPTION Connection authentication failure occurred.  Reason: security mechanism not supported.

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/testSecMec.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/testSecMec.java?rev=439775&r1=439774&r2=439775&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/testSecMec.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/derbynet/testSecMec.java
Sun Sep  3 06:21:33 2006
@@ -506,8 +506,8 @@
      * then client will do an automatic switching (upgrade) of
      * security mechanism to use. The logic is as follows :
      * if password is available, and if the JVM in which the client is running 
-     * supports EUSRIDPWD mechanism, in that case the security mechanism is 
-     * upgraded to EUSRIDPWD.
+     * supports EUSRIDPWD mechanism, in that case also, USRIDPWD security mechanism is 
+     * used. 
      * if password is available, and if the JVM in which the client is running 
      * does not support EUSRIDPWD mechanism, in that case the client will then
      * default to USRIDPWD.
@@ -550,7 +550,7 @@
 	 b) Connection request specifies a password or not
 	 c) Connection request specifies securityMechanism or not. the valid
 	 values are 4(USRIDONL), 3(USRIDPWD), 9(EUSRIDPWD) and 8(USRSSBPWD).
-	 d) support eusridpwd means whether this jvm supports encrypted userid/
+	 d) support eusridpwd means whether this client jvm supports encrypted userid/
 	 password security mechanism or not.  A value of Y means it supports
 	 and N means no.
 	 The next three columns specify what the client sends to the server
@@ -572,9 +572,9 @@
 	 =================================================================
      |SecMec not specified on connection request                    
 	 =================================================================
-	 |Y    |Y     |-       |Y         |Y        Y       9            |
+	 |Y    |Y     |-       |Y         |Y        Y       3            |
 	 |----------------------------------------------------------------
-	 |     |Y     |-       |Y         |Y        Y       9            |
+	 |     |Y     |-       |Y         |Y        Y       3            |
 	 -----------------------------------------------------------------
 	 |Y    |      |-       |Y         |Y        N       4            |
 	 -----------------------------------------------------------------



Mime
View raw message