Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-2736

Connecting with an invalid user identifier performs authentication before rejecting the connection.

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0, 10.3.1.4
    • None
    • Services
    • Normal
    • Newcomer, Repro attached
    • Security

    Description

      Ideally no authentication attempt should be made because the user identifier is invalid.
      E.g. with this URL

      jdbc:derby:db1;user=123

      the connection attempt will correctly fail but only after the authentication mechanism is called.

      If the application has installed its own UserAuthenticator class then that class will be called with an invalid identifier.
      I believe that the connection request should fail before calling any authentication, developers should only be required
      to handle valid identifiers.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. DERBY-5968 A failed connection attempt may nevertheless manage to boot the database.

          • Major - Major loss of function.
          • Open

          Activity

            People

              Unassigned Unassigned
              djd Daniel John Debrunner
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated: