Derby
  1. Derby
  2. DERBY-2736

Connecting with an invalid user identifier performs authentication before rejecting the connection.

    Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Minor Minor
    • Resolution: Unresolved
    • Affects Version/s: 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0, 10.3.1.4
    • Fix Version/s: None
    • Component/s: Services
    • Urgency:
      Normal
    • Issue & fix info:
      Newcomer, Repro attached
    • Bug behavior facts:
      Security

      Description

      Ideally no authentication attempt should be made because the user identifier is invalid.
      E.g. with this URL

      jdbc:derby:db1;user=123

      the connection attempt will correctly fail but only after the authentication mechanism is called.

      If the application has installed its own UserAuthenticator class then that class will be called with an invalid identifier.
      I believe that the connection request should fail before calling any authentication, developers should only be required
      to handle valid identifiers.

        Issue Links

          Activity

          Daniel John Debrunner created issue -
          Dag H. Wanvik made changes -
          Field Original Value New Value
          Derby Categories [Security]
          Dag H. Wanvik made changes -
          Component/s Security [ 11411 ]
          Dag H. Wanvik made changes -
          Component/s Services [ 11415 ]
          Hide
          Rick Hillegas added a comment -

          Triaged for 10.5.2: assigned normal urgency, noted that repro is available, recommended to newcomers.

          Show
          Rick Hillegas added a comment - Triaged for 10.5.2: assigned normal urgency, noted that repro is available, recommended to newcomers.
          Rick Hillegas made changes -
          Urgency Normal
          Issue & fix info [Newcomer, Repro attached]
          Kathey Marsden made changes -
          Labels derby_triage10_5_2
          Rick Hillegas made changes -
          Link This issue relates to DERBY-5968 [ DERBY-5968 ]
          Hide
          Rick Hillegas added a comment -

          Linking to DERBY-5968 because the same code is involved and a common fix might address both issues.

          Show
          Rick Hillegas added a comment - Linking to DERBY-5968 because the same code is involved and a common fix might address both issues.
          Gavin made changes -
          Workflow jira [ 12405239 ] Default workflow, editable Closed status [ 12802110 ]

            People

            • Assignee:
              Unassigned
              Reporter:
              Daniel John Debrunner
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:

                Development