Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-5648

Unclear password expiry warning when using separate credentials db

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 10.9.1.0
    • 10.9.1.0
    • Services
    • None

    Description

      If you log on to a database (other than the credentials db) and your password is about to expire, you'll be advised to change your password using the SYSCS_UTIL.SYSCS_MODIFY_PASSWORD procedure. However, the warning message does not say you need to log on to the credentials db to change your password. This may lead the user to modify the password in the current database instead of the credentials database, thinking everything is well.

      ij(CONNECTION1)> connect 'jdbc:derby:otherdb;user=test;password=abc';
      WARNING 01J15: Your password will expire in 0 day(s). Please use the SYSCS_UTIL.SYSCS_MODIFY_PASSWORD procedure to change your password.
      ij(CONNECTION2)> CALL SYSCS_UTIL.SYSCS_MODIFY_PASSWORD('new-password');
      0 rows inserted/updated/deleted
      ij(CONNECTION2)> connect 'jdbc:derby:otherdb;user=test;password=new-password';
      ERROR 08004: Connection authentication failure occurred. Reason: Invalid authentication..

      Even though SYSCS_MODIFY_PASSWORD succeeds, the password has not been updated in the credentials db.

      Attachments

        1. derby-5648-01-ab-missingUser.diff
          11 kB
          Richard N. Hillegas
        2. derby-5648-01-aa-missingUser.diff
          10 kB
          Richard N. Hillegas

        Issue Links

          Activity

            People

              rhillegas Richard N. Hillegas
              knutanders Knut Anders Hatlen
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: