From derby-dev-return-76321-apmail-db-derby-dev-archive=db.apache.org@db.apache.org Wed Mar 03 14:20:55 2010 Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 32251 invoked from network); 3 Mar 2010 14:20:55 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 3 Mar 2010 14:20:55 -0000 Received: (qmail 67934 invoked by uid 500); 3 Mar 2010 14:20:47 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 67906 invoked by uid 500); 3 Mar 2010 14:20:47 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 67898 invoked by uid 99); 3 Mar 2010 14:20:47 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 Mar 2010 14:20:47 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 Mar 2010 14:20:47 +0000 Received: from brutus.apache.org (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 422A7234C4BE for ; Wed, 3 Mar 2010 14:20:27 +0000 (UTC) Message-ID: <1850259641.36771267626027269.JavaMail.jira@brutus.apache.org> Date: Wed, 3 Mar 2010 14:20:27 +0000 (UTC) From: "Knut Anders Hatlen (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Updated: (DERBY-4483) Provide a way to change the hash algorithm used by BUILTIN authentication In-Reply-To: <526285707.1261139298094.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/DERBY-4483?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Knut Anders Hatlen updated DERBY-4483: -------------------------------------- Attachment: upgrade-test.diff Attaching an upgrade test that verifies that the new algorithm is only used in hard-upgraded databases. The upgrade test framework does not support tests that use authentication, but I found that the roles tests worked around this by creating a separate database and manually enabling authentication on it, so I followed that pattern. > Provide a way to change the hash algorithm used by BUILTIN authentication > ------------------------------------------------------------------------- > > Key: DERBY-4483 > URL: https://issues.apache.org/jira/browse/DERBY-4483 > Project: Derby > Issue Type: Improvement > Components: Services > Affects Versions: 10.5.3.0 > Reporter: Knut Anders Hatlen > Assignee: Knut Anders Hatlen > Priority: Minor > Attachments: experiment.diff, upgrade-test.diff > > > The BUILTIN authentication scheme protects the passwords by hashing them with the SHA-1 algorithm. It would be nice to have way to specify a different algorithm so that users can take advantage of new, stronger algorithms provided by their JCE provider if so desired. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.