db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-1828) Access rule violations should use a SQL state starting with '42' according to the SQL standard.
Date Mon, 30 Apr 2007 15:31:15 GMT

    [ https://issues.apache.org/jira/browse/DERBY-1828?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12492687

Daniel John Debrunner commented on DERBY-1828:

Just on this one:

> Currently in SQLState:
> AUTH_INVALID_USER_NAME                                      = "28502.C";
> The message for this is "The user name '{0}' is not valid." Another case of 08004? 

I think this remains as 28xxx, it's for the format of the user identifier being invalid, not
that the user is not a valid user in the set of authenticated users.

For an authentication failure Derby reports just that authentication failed. Systems should
not report what specifically failed in an authentication
check, e.g. password is incorrect or user not known by the system. That provides more information
for someone trying to break into the system.

> Access rule violations should use a SQL state starting with '42' according to the SQL
> -----------------------------------------------------------------------------------------------
>                 Key: DERBY-1828
>                 URL: https://issues.apache.org/jira/browse/DERBY-1828
>             Project: Derby
>          Issue Type: Bug
>          Components: JDBC
>    Affects Versions:,
>            Reporter: Daniel John Debrunner
>         Assigned To: Jørgen Løland
>         Attachments: DERBY-1828-1.diff, DERBY-1828-1.stat
> The SQL standard says that SQL State '42' is for "syntax error or access
> rule violation" (section 23.1).
> There is a question of what JDBC 4.0 exception should be thrown for a access rule violation,
> JDBC 4.0 maps '42' to SQLSyntaxErrorException which seems wrong for an access rule.
> Message thread:
> http://mail-archives.apache.org/mod_mbox/db-derby-dev/200609.mbox/%3c45004A04.5080002@apache.org%3e

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message