db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Knut Anders Hatlen (JIRA)" <j...@apache.org>
Subject [jira] Updated: (DERBY-4483) Provide a way to change the hash algorithm used by BUILTIN authentication
Date Fri, 12 Mar 2010 12:26:27 GMT

     [ https://issues.apache.org/jira/browse/DERBY-4483?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Knut Anders Hatlen updated DERBY-4483:
--------------------------------------

    Attachment: derby-4483-1a.diff
                derby-4483-1a.stat

Attaching a new patch (derby-4483-1a) which merges the experiment patch and the upgrade test
patch. Additionally, it contains the following changes:

- Some test cases have been added to AuthenticationTest (suggestions for more tests are welcome!)

- Comments have been expanded to contain most of the information in the writeup

- Renamed the old authentication mechanism to prevent confusion (including changes to constant
names and method names)

- Added a more specific error message for the case where an invalid algorithm name has been
specified:

ij> call syscs_util.syscs_set_database_property('derby.user.kah', 'test');
ERROR XBCXW: The message digest algorithm 'xyz' is not supported by any of the available cryptography
providers. Please install a cryptography provider that supports that algorithm, or specify
another algorithm in the derby.authentication.builtin.algorithm property.
ERROR XJ001: Java exception: 'xyz MessageDigest not available: java.security.NoSuchAlgorithmException'.

I believe this patch is ready for commit.

> Provide a way to change the hash algorithm used by BUILTIN authentication
> -------------------------------------------------------------------------
>
>                 Key: DERBY-4483
>                 URL: https://issues.apache.org/jira/browse/DERBY-4483
>             Project: Derby
>          Issue Type: Improvement
>          Components: Services
>    Affects Versions: 10.5.3.0
>            Reporter: Knut Anders Hatlen
>            Assignee: Knut Anders Hatlen
>            Priority: Minor
>         Attachments: derby-4483-1a.diff, derby-4483-1a.stat, experiment.diff, upgrade-test.diff
>
>
> The BUILTIN authentication scheme protects the passwords by hashing them with the SHA-1
algorithm. It would be nice to have way to specify a different algorithm so that users can
take advantage of new, stronger algorithms provided by their JCE provider if so desired.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message