[DERBY-3681] When authenticating a user at connect time, verify that the user provided is not also a defined role name. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 10.5.1.1
Component/s: Services, SQL
Labels:
None

Bug behavior facts:

Security

Description

Although we try to avoid creating role that are not also valid Derby users (see ~~DERBY-3673~~), we cannot
in general know for sure that no such user exists; it could be added to derby.properties after
the role has been created, authentication could be LDAP or user-defined, in which cases
the check at role creation time will not work. So, in order to avoid collisions between user identifiers and role identifiers, we shoudl check at connect time that there is no role by same name as the supplied user name.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

derby-3681-1.diff
21/May/08 21:38
8 kB
Dag H. Wanvik
derby-3681-1.stat
21/May/08 21:38
0.3 kB
Dag H. Wanvik
derby-3681-2.diff
22/May/08 19:04
8 kB
Dag H. Wanvik
derby-3681-2.stat
22/May/08 19:04
0.3 kB
Dag H. Wanvik

Activity

People

Assignee:: Dag H. Wanvik

Reporter:: Dag H. Wanvik

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 20/May/08 18:45

Updated:: 13/Jan/11 17:20

Resolved:: 23/May/08 14:06