Derby
  1. Derby
  2. DERBY-5507

Orderly shutdown fails if you are using BUILTIN authentication and turn on derby.database.propertiesOnly

    Details

    • Urgency:
      Normal
    • Bug behavior facts:
      Security

      Description

      The following script raises an assertion on the last line. We are failing during the encryption of the password. The assertion prints out the plaintext of the password. I ran the script with the following command line:

      java \
      -Dderby.connection.requireAuthentication=true \
      -Dderby.authentication.provider=BUILTIN \
      -Dderby.user.test_dbo=test_dbopassword \
      org.apache.derby.tools.ij $SCRIPT

      Here is the script:

      connect 'jdbc:derby:memory:db;create=true;user=test_dbo;password=test_dbopassword';

      call syscs_util.syscs_set_database_property( 'derby.connection.requireAuthentication', 'true' );
      call syscs_util.syscs_set_database_property( 'derby.authentication.provider', 'BUILTIN' );

      – shutdown works correctly if you comment out the following two lines
      call syscs_util.syscs_set_database_property( 'derby.user.test_dbo', 'test_dbopassword' );
      call syscs_util.syscs_set_database_property( 'derby.database.propertiesOnly', 'true' );

      – fails to authenticate correct credentials
      connect 'jdbc:derby:memory:db;shutdown=true;user=test_dbo;password=test_dbopassword';

      Here is the assertion printed on the screen:

      ERROR XJ001: Java exception: 'ASSERT FAILED Unknown authentication scheme for token test_dbopassword: org.apache.derby.shared.common.sanity.AssertFailure'.

      Here is the stack trace in derby.log:

      org.apache.derby.shared.common.sanity.AssertFailure: ASSERT FAILED Unknown authentication scheme for token test_dbopassword
      at org.apache.derby.shared.common.sanity.SanityManager.THROWASSERT(SanityManager.java:162)
      at org.apache.derby.shared.common.sanity.SanityManager.THROWASSERT(SanityManager.java:147)
      at org.apache.derby.impl.jdbc.authentication.BasicAuthenticationServiceImpl.encryptPasswordUsingStoredAlgorithm(BasicAuthenticationServiceImpl.java:282)
      at org.apache.derby.impl.jdbc.authentication.BasicAuthenticationServiceImpl.authenticateUser(BasicAuthenticationServiceImpl.java:199)
      at org.apache.derby.impl.jdbc.authentication.AuthenticationServiceBase.authenticate(AuthenticationServiceBase.java:279)
      at org.apache.derby.impl.jdbc.EmbedConnection.checkUserCredentials(EmbedConnection.java:1220)
      at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:422)
      at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:73)
      at org.apache.derby.impl.jdbc.EmbedConnection40.<init>(EmbedConnection40.java:51)
      at org.apache.derby.jdbc.Driver40.getNewEmbedConnection(Driver40.java:70)
      at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:255)
      at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:143)
      at java.sql.DriverManager.getConnection(DriverManager.java:582)
      at java.sql.DriverManager.getConnection(DriverManager.java:154)
      at org.apache.derby.impl.tools.ij.ij.dynamicConnection(ij.java:1528)
      at org.apache.derby.impl.tools.ij.ij.ConnectStatement(ij.java:1358)
      at org.apache.derby.impl.tools.ij.ij.ijStatement(ij.java:1143)
      at org.apache.derby.impl.tools.ij.utilMain.runScriptGuts(utilMain.java:347)
      at org.apache.derby.impl.tools.ij.utilMain.go(utilMain.java:245)
      at org.apache.derby.impl.tools.ij.Main.go(Main.java:229)
      at org.apache.derby.impl.tools.ij.Main.mainCore(Main.java:184)
      at org.apache.derby.impl.tools.ij.Main.main(Main.java:75)
      at org.apache.derby.tools.ij.main(ij.java:59)

      1. d5507-1a.diff
        3 kB
        Knut Anders Hatlen

        Issue Links

          Activity

          Rick Hillegas created issue -
          Knut Anders Hatlen made changes -
          Field Original Value New Value
          Assignee Knut Anders Hatlen [ knutanders ]
          Knut Anders Hatlen made changes -
          Attachment d5507-1a.diff [ 12507703 ]
          Knut Anders Hatlen made changes -
          Status Open [ 1 ] In Progress [ 3 ]
          Knut Anders Hatlen made changes -
          Status In Progress [ 3 ] Resolved [ 5 ]
          Fix Version/s 10.9.0.0 [ 12316344 ]
          Resolution Fixed [ 1 ]
          Knut Anders Hatlen made changes -
          Link This issue relates to DERBY-3272 [ DERBY-3272 ]
          Rick Hillegas made changes -
          Status Resolved [ 5 ] Closed [ 6 ]
          Gavin made changes -
          Workflow jira [ 12642710 ] Default workflow, editable Closed status [ 12802657 ]
          Kathey Marsden made changes -
          Labels derby_backport_reject_10_8

            People

            • Assignee:
              Knut Anders Hatlen
              Reporter:
              Rick Hillegas
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development