[jira] Updated: (DERBY-4483) Provide a way to change the hash algorithm used by BUILTIN authentication

Fri, 12 Mar 2010 04:26:51 -0800 

     [ 
https://issues.apache.org/jira/browse/DERBY-4483?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Knut Anders Hatlen updated DERBY-4483:
--------------------------------------

    Attachment: derby-4483-1a.diff
                derby-4483-1a.stat

Attaching a new patch (derby-4483-1a) which merges the experiment patch and the 
upgrade test patch. Additionally, it contains the following changes:

- Some test cases have been added to AuthenticationTest (suggestions for more 
tests are welcome!)

- Comments have been expanded to contain most of the information in the writeup

- Renamed the old authentication mechanism to prevent confusion (including 
changes to constant names and method names)

- Added a more specific error message for the case where an invalid algorithm 
name has been specified:

ij> call syscs_util.syscs_set_database_property('derby.user.kah', 'test');
ERROR XBCXW: The message digest algorithm 'xyz' is not supported by any of the 
available cryptography providers. Please install a cryptography provider that 
supports that algorithm, or specify another algorithm in the 
derby.authentication.builtin.algorithm property.
ERROR XJ001: Java exception: 'xyz MessageDigest not available: 
java.security.NoSuchAlgorithmException'.

I believe this patch is ready for commit.

> Provide a way to change the hash algorithm used by BUILTIN authentication
> -------------------------------------------------------------------------
>
>                 Key: DERBY-4483
>                 URL: https://issues.apache.org/jira/browse/DERBY-4483
>             Project: Derby
>          Issue Type: Improvement
>          Components: Services
>    Affects Versions: 10.5.3.0
>            Reporter: Knut Anders Hatlen
>            Assignee: Knut Anders Hatlen
>            Priority: Minor
>         Attachments: derby-4483-1a.diff, derby-4483-1a.stat, experiment.diff, 
> upgrade-test.diff
>
>
> The BUILTIN authentication scheme protects the passwords by hashing them with 
> the SHA-1 algorithm. It would be nice to have way to specify a different 
> algorithm so that users can take advantage of new, stronger algorithms 
> provided by their JCE provider if so desired.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to