db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (Updated) (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (DERBY-5647) NATIVE warns about password expiry for DBO
Date Tue, 13 Mar 2012 13:43:40 GMT

     [ https://issues.apache.org/jira/browse/DERBY-5647?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Rick Hillegas updated DERBY-5647:
---------------------------------

    Attachment: derby-5647-01-aa-staleDBOpassword.diff

Attaching derby-5647-01-aa-staleDBOpassword.diff. This patch adds a new warning message for
the expiration of the DBO's password, as Knut and Kristian advised. Committed at subversion
revision 1300120.

I'm not clear on whether we should write password expiration warnings to derby.log. As Kristian
notes, this could just turn into spam. In addition, I would feel more comfortable about writing
this kind of information to a security audit log rather than to the general diagnostic log
(and we don't have a separate security audit log yet).

Touches the following files:

M       java/engine/org/apache/derby/impl/jdbc/authentication/NativeAuthenticationServiceImpl.java
M       java/engine/org/apache/derby/loc/messages.xml
M       java/shared/org/apache/derby/shared/common/reference/SQLState.java
M       java/testing/org/apache/derbyTesting/functionTests/tests/lang/NativeAuthenticationServiceTest.java

                
> NATIVE warns about password expiry for DBO
> ------------------------------------------
>
>                 Key: DERBY-5647
>                 URL: https://issues.apache.org/jira/browse/DERBY-5647
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions: 10.9.0.0
>            Reporter: Knut Anders Hatlen
>            Priority: Minor
>         Attachments: derby-5647-01-aa-staleDBOpassword.diff
>
>
> The DBO's password cannot expire. Still, NATIVE warns that the password is about to expire.
> ij> connect 'jdbc:derby:authdb;create=true;user=admin';
> ij> call syscs_util.syscs_set_database_property('derby.authentication.native.passwordLifetimeMillis',
'100');
> 0 rows inserted/updated/deleted
> ij> call syscs_util.syscs_create_user('ADMIN', '%*$');
> 0 rows inserted/updated/deleted
> ij> call syscs_util.syscs_set_database_property('derby.authentication.provider', 'NATIVE::LOCAL');
> 0 rows inserted/updated/deleted
> ij> connect 'jdbc:derby:authdb;shutdown=true';
> ERROR 08006: Database 'authdb' shutdown.
> ij> connect 'jdbc:derby:authdb;user=admin;password=%*$';
> WARNING 01J15: Your password will expire in 0 day(s). Please use the SYSCS_UTIL.SYSCS_MODIFY_PASSWORD
 procedure to change your password.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message