Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-5970

Check that connection attributes have legal values.

Agile BoardAttach filesAttach ScreenshotAdd voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 10.10.1.1
    • None
    • Services
    • Normal
    • Security

    Description

      At boot time, Derby does not check whether connection attributes are set to legal values. This can cause them to be silently ignored. In the case of security operations like re(un)encryption, these silent failures deceive the DBO into thinking that the security behavior of the database has changed when, in fact, it hasn't. We should do the following:

      1) Prevent decryptDatabase from being set to an illegal value. Since this is a new attribute, there are no backward compatibility issues.

      2) Evaluate other attributes on a case-by-case basis to determine which ones should raise exceptions if they are set to illegal values. Technically, this may result in backwardly incompatible behavior. However, I think that for most attributes, we will decide that the incompatibility is minor and is a welcome bugfix.

      Attachments

        1. AttributeChecks.html
          14 kB
          Richard N. Hillegas
        2. AttributeChecks.html
          14 kB
          Richard N. Hillegas
        3. AttributeChecks.html
          14 kB
          Richard N. Hillegas
        4. AttributeChecks.html
          7 kB
          Richard N. Hillegas
        5. derby-5970-02-aa-vetDataEncryptionValue.diff
          2 kB
          Richard N. Hillegas
        6. derby-5970-01-ab-vetDecryptDatabaseValue.diff
          3 kB
          Richard N. Hillegas
        7. derby-5970-01-aa-vetDecryptDatabaseValue.diff
          3 kB
          Richard N. Hillegas

        Issue Links

        incorporates

        Improvement - An improvement or enhancement to an existing feature or task. DERBY-284 Show warning message , if hard upgrade was not executed because upgrade=true was designated on or after 2nd connection.

        • Trivial - Cosmetic problem like misspelt words or misaligned text.
        • Open

        Improvement - An improvement or enhancement to an existing feature or task. DERBY-4254 If upgrade is not performed when connecting with the upgrade=true atribute is specified, Derby should produce a warning

        • Minor - Minor loss of function, or other problem where easy workaround is present.
        • Closed
        is related to

        Bug - A problem which impairs or prevents the functions of the product. DERBY-6706 Derby does not check invalid configuration option name in derby.properties

        • Major - Major loss of function.
        • Open

        Bug - A problem which impairs or prevents the functions of the product. DERBY-1151 ij does not issue a warning if the attribute verifyKey.dat is set on an embedded URL.

        • Trivial - Cosmetic problem like misspelt words or misaligned text.
        • Open

        Bug - A problem which impairs or prevents the functions of the product. DERBY-5993 The Reference Manual shows an embedded url in its example for the client-side-only retrieveMessageText attribute.

        • Minor - Minor loss of function, or other problem where easy workaround is present.
        • Closed

        Bug - A problem which impairs or prevents the functions of the product. DERBY-6002 Reference manual is unclear on when territory can be set

        • Minor - Minor loss of function, or other problem where easy workaround is present.
        • Closed
        relates to

        Bug - A problem which impairs or prevents the functions of the product. DERBY-5907 Warnings missing on client driver

        • Major - Major loss of function.
        • Open

        Improvement - An improvement or enhancement to an existing feature or task. DERBY-5792 Make it possible to turn off encryption on an already encrypted database.

        • Major - Major loss of function.
        • Closed

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            rhillegas Richard N. Hillegas
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:

              Slack

                Issue deployment