Derby
  1. Derby
  2. DERBY-3271

Using BUILTIN authentication, I can't log in as database creator after storing credentials in the database.

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Duplicate
    • Affects Version/s: 10.3.1.4
    • Fix Version/s: None
    • Component/s: JDBC, Services
    • Labels:
      None
    • Bug behavior facts:
      Security

      Description

      Using builtin authentication I am able to create a database and store credentials for 2 users: the original database creator and a second user. After that, I am able to reconnect as the second user but not as the original database creator. My test case follows.

      ------------------------------

      Here is my command for running ij with authentication turned on:

      java \
      -cp $CLASSPATH \
      -Dderby.stream.error.logSeverityLevel=0 \
      \
      -Dderby.connection.requireAuthentication=true \
      -Dderby.authentication.provider=BUILTIN \
      -Dderby.user.builtindba=dummypassword \
      \
      org.apache.derby.tools.ij myscript.sql

      Here is the first run of my script. This creates the database and stores credentials for 2 users, including the connected user:

      ij version 10.4
      ij> –
      -- First try to connect as builtindba.

      connect 'jdbc:derby:derby_builtin;create=true;user=builtindba;password=dummypassword';
      ij> –
      -- If I can't connect as builtindba, try connecting as fred.

      connect 'jdbc:derby:derby_builtin;create=true;user=fred;password=wilma';
      ERROR 08004: Connection authentication failure occurred. Reason: Invalid authentication..
      ij> –
      -- Store passwords in the database where they will be encrypted.

      call syscs_util.syscs_set_database_property( 'derby.user.builtindba', 'dummypassword' );
      0 rows inserted/updated/deleted
      ij> call syscs_util.syscs_set_database_property( 'derby.user.fred', 'wilma' );
      0 rows inserted/updated/deleted
      ij> values current_user;
      1
      --------------------------------------------------------------------------------------------------------------------------------
      BUILTINDBA

      1 row selected

      Here is the second run of my script. This fails to connect as the original user but succeeds as the other user:

      ij version 10.4
      ij> –
      -- First try to connect as builtindba.

      connect 'jdbc:derby:derby_builtin;create=true;user=builtindba;password=dummypassword';
      ERROR 08004: Connection authentication failure occurred. Reason: Invalid authentication..
      ij> –
      -- If I can't connect as builtindba, try connecting as fred.

      connect 'jdbc:derby:derby_builtin;create=true;user=fred;password=wilma';
      WARNING 01J01: Database 'derby_builtin' not created, connection made to existing database instead.
      ij> –
      -- Store passwords in the database where they will be encrypted.

      call syscs_util.syscs_set_database_property( 'derby.user.builtindba', 'dummypassword' );
      0 rows inserted/updated/deleted
      ij> call syscs_util.syscs_set_database_property( 'derby.user.fred', 'wilma' );
      0 rows inserted/updated/deleted
      ij> values current_user;
      1
      --------------------------------------------------------------------------------------------------------------------------------
      FRED

      1 row selected

      1. Derby3271Repro.java
        6 kB
        John H. Embretsen

        Issue Links

          Activity

          Gavin made changes -
          Workflow jira [ 12419066 ] Default workflow, editable Closed status [ 12801590 ]
          Rick Hillegas made changes -
          Status Resolved [ 5 ] Closed [ 6 ]
          Kathey Marsden made changes -
          Status Open [ 1 ] Resolved [ 5 ]
          Resolution Duplicate [ 3 ]
          Kathey Marsden made changes -
          Link This issue duplicates DERBY-3272 [ DERBY-3272 ]
          Dag H. Wanvik made changes -
          Component/s JDBC [ 11407 ]
          Component/s Services [ 11415 ]
          Dag H. Wanvik made changes -
          Component/s Security [ 11411 ]
          Dag H. Wanvik made changes -
          Derby Categories [Security]
          Rick Hillegas made changes -
          Link This issue is related to DERBY-3272 [ DERBY-3272 ]
          John H. Embretsen made changes -
          Link This issue is related to DERBY-224 [ DERBY-224 ]
          John H. Embretsen made changes -
          Field Original Value New Value
          Attachment Derby3271Repro.java [ 12371521 ]
          Rick Hillegas created issue -

            People

            • Assignee:
              Unassigned
              Reporter:
              Rick Hillegas
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development