db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Deepa Remesh (JIRA)" <derby-...@db.apache.org>
Subject [jira] Updated: (DERBY-1608) Execution of builtin functions by a user who is not the owner of system schemas gives NPE when authentication and SQL authorization are on.
Date Fri, 28 Jul 2006 23:06:14 GMT
     [ http://issues.apache.org/jira/browse/DERBY-1608?page=all ]

Deepa Remesh updated DERBY-1608:
--------------------------------

    Summary: Execution of builtin functions by a user who is not the owner of system schemas
gives NPE when authentication and SQL authorization are on.  (was: After upgrade, execution
of builtin functions gives NPE if database property derby.database.sqlAuthorization is set
to true)

This problem is not related to upgrade. This was noticed in the upgraded database because
of a known issue in upgrade (the owner of system schemas is not changed from "DBA" to the
user invoking upgrade)

Earlier, I could not repro it with a new database in 10.2 as I was trying only as default
user. Looking at the code, it seemed that this could also happen in a new 10.2 database. I
could repro this when I turned authentication on and tried executing a builtin function as
a user who is not the owner of system schemas. To repro in 10.2: 

1)  Start ij with following in derby.properties file: 

derby.connection.requireAuthentication=true
derby.database.sqlAuthorization=true

derby.user.creator=pswd
derby.user.deepa=pswd

2) In ij, run the following commands:
ij> connect 'jdbc:derby:newdb;create=true;user=creator;password=pswd';
ij> VALUES { fn ACOS(0.0707) };
1
----------------------
1.5000372950430991

1 row selected
ij> connect 'jdbc:derby:newdb;user=deepa;password=pswd';
ij(CONNECTION1)> VALUES { fn ACOS(0.0707) };
ERROR XJ001: Java exception: ': java.lang.NullPointerException'.
ij(CONNECTION1)> exit;

In general, NPE is thrown whenever we try to execute a builtin function as a user who is not
the owner of the system schemas.  

> Execution of builtin functions by a user who is not the owner of system schemas gives
NPE when authentication and SQL authorization are on.
> -------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-1608
>                 URL: http://issues.apache.org/jira/browse/DERBY-1608
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>            Reporter: Deepa Remesh
>         Assigned To: Deepa Remesh
>             Fix For: 10.2.0.0
>
>
> 1. Create a database in 10.1
> 2. Full upgrade to 10.2 - Booting using 10.2 jars by specifying "upgrade=true" in the
connection URL.
> 3. Execute a function e.g: VALUES { fn ACOS(0.0707) }. This passes as expected.
> 4. Set database property derby.database.sqlAuthorization=true.
> 5. Shutdown and reconnect to database for the property to take effect.
> 6. Re-execute the function. This gives NPE.
> Repro using ij:
> --------------------------------------------------------------------------------
> Steps using 10.1 jar:
> --------------------------------------------------------------------------------
> ij version 10.1
> ij> connect 'jdbc:derby:old_db;create=true';
> ij> exit;
> --------------------------------------------------------------------------------
> Steps using 10.2 jar:
> --------------------------------------------------------------------------------
> ij version 10.2
> ij> connect 'jdbc:derby:old_db;upgrade=true';
> ij> VALUES { fn ACOS(0.0707) };
> 1
> ----------------------
> 1.5000372950430991
> 1 row selected
> ij> call SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('derby.database.sqlAuthorization',
'true');
> 0 rows inserted/updated/deleted
> ij> connect 'jdbc:derby:old_db;shutdown=true';
> ERROR 08006: Database 'old_db' shutdown.
> ij> connect 'jdbc:derby:old_db';
> ij(CONNECTION1)> VALUES { fn ACOS(0.0707) };
> ERROR XJ001: Java exception: ': java.lang.NullPointerException'.
> ij(CONNECTION1)>
> --------------------------------------------------------------------------------
> Stack trace of failure:
> --------------------------------------------------------------------------------
> ERROR XJ001: Java exception: ': java.lang.NullPointerException'.
> java.lang.NullPointerException
>         at org.apache.derby.iapi.sql.dictionary.RoutinePermsDescriptor.<init>(RoutinePermsDescriptor
> .java:54)
>         at org.apache.derby.iapi.sql.dictionary.RoutinePermsDescriptor.<init>(RoutinePermsDescriptor
> .java:62)
>         at org.apache.derby.impl.sql.catalog.DataDictionaryImpl.getRoutinePermissions(DataDictionary
> Impl.java:9902)
>         at org.apache.derby.iapi.sql.dictionary.StatementRoutinePermission.check(StatementRoutinePer
> mission.java:55)
>         at org.apache.derby.impl.sql.conn.GenericAuthorizer.authorize(GenericAuthorizer.java:157)
>         at org.apache.derby.exe.ac6b91c056x010cxb687x3eb7x00000012d1c00.fillResultSet(Unknown
Source
> )
>         at org.apache.derby.exe.ac6b91c056x010cxb687x3eb7x00000012d1c00.execute(Unknown
Source)
>         at org.apache.derby.impl.sql.GenericActivationHolder.execute(GenericActivationHolder.java:32
> 6)
>         at org.apache.derby.impl.sql.GenericPreparedStatement.execute(GenericPreparedStatement.java:
> 355)
>         at org.apache.derby.impl.jdbc.EmbedStatement.executeStatement(EmbedStatement.java:1181)
>         at org.apache.derby.impl.jdbc.EmbedStatement.execute(EmbedStatement.java:584)
>         at org.apache.derby.impl.jdbc.EmbedStatement.execute(EmbedStatement.java:516)
>         at org.apache.derby.impl.tools.ij.ij.executeImmediate(ij.java:313)
>         at org.apache.derby.impl.tools.ij.utilMain.doCatch(utilMain.java:433)
>         at org.apache.derby.impl.tools.ij.utilMain.go(utilMain.java:312)
>         at org.apache.derby.impl.tools.ij.Main.go(Main.java:207)
>         at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:173)
>         at org.apache.derby.impl.tools.ij.Main14.main(Main14.java:55)
>         at org.apache.derby.tools.ij.main(ij.java:60)

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message