[
https://issues.apache.org/jira/browse/DERBY-3150?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kathey Marsden updated DERBY-3150:
----------------------------------
Issue & fix info: [Repro attached]
Urgency: Normal
Triaged for 10.5.2. Set normal urgency.
> BUILTIN authentication does not treat user names set in derby.user. as
> regular SQL identifiers when not quoted.
> ---------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-3150
> URL: https://issues.apache.org/jira/browse/DERBY-3150
> Project: Derby
> Issue Type: Bug
> Components: JDBC
> Affects Versions: 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.2.1, 10.1.3.1,
> 10.2.1.6, 10.2.2.0, 10.3.1.4, 10.4.1.3
> Reporter: Daniel John Debrunner
>
> The documentation for the property derby.user.userName says "User names are
> SQL92Identifiers and can be delimited." and has examples with delimited
> identifiers.
> For a regular identifier (non-quoted) the user name to password mapping is
> not normalized so that the user name is upper-case, this causes login
> failures when a user name is provided that matches the normalized name, but
> does not match the value in the property name.
> derby.user.dan=password
> Logging in with user name dan works, but DAN or Dan will not. Note that with
> any of these user names provided to JDBC, the SQL CURRENT_USER will return
> DAN.
> jdbc:derby:db;user=dan // ok
> jdbc:derby:db;user=Dan //not ok
> jdbc:derby:db;user=DAN // not ok
> Note that if the user name is normalized then the scheme would have to deal
> with this situation:
> derby.user.dan=passwordOne
> derby.user.DAN=passwordTwo
> These two properties refer to the same user, but two passwords are being
> defined.
> Test case in AuthenticationTest with this bug number.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
