Unclear password expiry warning when using separate credentials db
------------------------------------------------------------------
Key: DERBY-5648
URL: https://issues.apache.org/jira/browse/DERBY-5648
Project: Derby
Issue Type: Improvement
Components: Services
Affects Versions: 10.9.0.0
Reporter: Knut Anders Hatlen
Priority: Minor
If you log on to a database (other than the credentials db) and your password
is about to expire, you'll be advised to change your password using the
SYSCS_UTIL.SYSCS_MODIFY_PASSWORD procedure. However, the warning message does
not say you need to log on to the credentials db to change your password. This
may lead the user to modify the password in the current database instead of the
credentials database, thinking everything is well.
ij(CONNECTION1)> connect 'jdbc:derby:otherdb;user=test;password=abc';
WARNING 01J15: Your password will expire in 0 day(s). Please use the
SYSCS_UTIL.SYSCS_MODIFY_PASSWORD procedure to change your password.
ij(CONNECTION2)> CALL SYSCS_UTIL.SYSCS_MODIFY_PASSWORD('new-password');
0 rows inserted/updated/deleted
ij(CONNECTION2)> connect 'jdbc:derby:otherdb;user=test;password=new-password';
ERROR 08004: Connection authentication failure occurred. Reason: Invalid
authentication..
Even though SYSCS_MODIFY_PASSWORD succeeds, the password has not been updated
in the credentials db.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
