Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-866

Derby User Management Enhancements

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 10.2.1.6
    • Fix Version/s: 10.9.1.0
    • Component/s: Services
    • Labels:
      None
    • Urgency:
      Normal
    • Issue & fix info:
      Patch Available
    • Bug behavior facts:
      Security

      Description

      Proposal to enhance Derby's Built-In DDL User Management. (See proposal spec attached to the JIRA).

      Abstract:

      This feature aims at improving the way BUILT-IN users are managed in Derby by providing a more intuitive and familiar DDL interface. Currently (in 10.1.2.1), Built-In users can be defined at the system and/or database level. Users created at the system level can be defined via JVM or/and Derby system properties in the derby.properties file. Built-in users created at the database level are defined via a call to a Derby system procedure (SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY) which sets a database property.

      Defining a user at the system level is very convenient and practical during the development phase (EOD) of an application - However, the user's password is not encrypted and consequently appears in clear in the derby.properties file. Hence, for an application going into production, whether it is embedded or not, it is preferable to create users at the database level where the password is encrypted.

      There is no real ANSI SQL standard for managing users in SQL but by providing a more intuitive and known interface, it will ease Built-In User management at the database level as well as Derby's adoption.

        Attachments

        1. Derby_User_Enhancement_v1.1.html
          8 kB
          Francois Orsini
        2. Derby_User_Enhancement.html
          7 kB
          Francois Orsini
        3. derby-866-01-aa-sysusers.diff
          48 kB
          Rick Hillegas
        4. derby-866-01-ab-sysusers.diff
          50 kB
          Rick Hillegas
        5. derby-866-02-ag-createDropUser.diff
          68 kB
          Rick Hillegas
        6. derby-866-03-aa-resetModifyPassword.diff
          20 kB
          Rick Hillegas
        7. derby-866-03-ab-resetModifyPassword.diff
          21 kB
          Rick Hillegas
        8. derby-866-04-aa-fixRolesTest.diff
          2 kB
          Rick Hillegas
        9. derby-866-05-aa-grantRevoke.diff
          2 kB
          Rick Hillegas
        10. derby-866-06-aa-upgradeFrom10.1.diff
          0.7 kB
          Rick Hillegas
        11. derby-866-07-aa-removeSQLPassword.diff
          45 kB
          Rick Hillegas
        12. derby-866-08-aa-passwordHasher.diff
          40 kB
          Rick Hillegas
        13. derby-866-08-ab-passwordHasher.diff
          40 kB
          Rick Hillegas
        14. derby-866-08-ad-passwordHasher.diff
          45 kB
          Rick Hillegas
        15. derby-866-09-ad-nativeAuthenticationService.diff
          40 kB
          Rick Hillegas
        16. derby-866-09-ae-nativeAuthenticationServiceWithTests.diff
          67 kB
          Rick Hillegas
        17. derby-866-10-ac-propChanging.diff
          30 kB
          Rick Hillegas
        18. derby-866-11-aa-upgradeTest.diff
          5 kB
          Rick Hillegas
        19. derby-866-12-ac-passwordExpiration.diff
          23 kB
          Rick Hillegas
        20. derby-866-13-ab-systemWideOperationTests.diff
          14 kB
          Rick Hillegas
        21. derby-866-14-ac-badNativeSpec.diff
          13 kB
          Rick Hillegas
        22. derby-866-15-ae-dbInJarFileOrOnClasspath.diff
          34 kB
          Rick Hillegas
        23. derby-866-16-aa-credDBViaSubprotocol.diff
          15 kB
          Rick Hillegas
        24. derby-866-17-aa-grantRevokeNative.diff
          6 kB
          Rick Hillegas
        25. derby-866-18-aa-encryptedCredentialsDB.diff
          31 kB
          Rick Hillegas
        26. derby-866-19-aa-replicationTest.diff
          20 kB
          Rick Hillegas
        27. derby-866-20-aa-npeAndUserProbing.diff
          6 kB
          Rick Hillegas
        28. derby-866-20-ab-npeAndUserProbing.diff
          5 kB
          Rick Hillegas
        29. derby-866-21-aa-emptyCredentials.diff
          8 kB
          Rick Hillegas
        30. derby-866-21-ab-emptyCredentials.diff
          10 kB
          Rick Hillegas
        31. derby-866-22-aa-dboFirst.diff
          50 kB
          Rick Hillegas
        32. derby-866-23-aa-improveErrorMessages.diff
          2 kB
          Rick Hillegas
        33. derby-866-24-aa-dboMustTurnOnSecurity.diff
          5 kB
          Rick Hillegas
        34. DummyAuthenticator.java
          3 kB
          Rick Hillegas
        35. dummyCredentials.properties
          0.1 kB
          Rick Hillegas
        36. releaseNote.html
          4 kB
          Rick Hillegas
        37. releaseNote.html
          4 kB
          Rick Hillegas
        38. UserManagement.html
          36 kB
          Rick Hillegas
        39. UserManagement.html
          34 kB
          Rick Hillegas
        40. UserManagement.html
          33 kB
          Rick Hillegas
        41. UserManagement.html
          31 kB
          Rick Hillegas
        42. UserManagement.html
          25 kB
          Rick Hillegas
        43. UserManagement.html
          22 kB
          Rick Hillegas
        44. UserManagement.html
          16 kB
          Rick Hillegas

          Issue Links

            Activity

              People

              • Assignee:
                rhillegas Rick Hillegas
                Reporter:
                forsini Francois Orsini
              • Votes:
                2 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: