[jira] [Commented] (DERBY-5647) NATIVE warns about password expiry for DBO

Mon, 12 Mar 2012 12:29:03 -0700 

    [ 
https://issues.apache.org/jira/browse/DERBY-5647?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13227804#comment-13227804
 ] 

Kristian Waagan commented on DERBY-5647:
----------------------------------------

Hi Rick,

I find option (3) unacceptable - I'd be very unhappy if I found myself, as the 
DBO, to be locked out from the database without any way to reset/re-enable my 
account. A reset mechanism is propably riddled with security issues itself and 
not suitable in this context.

Option (1) seems a little awkward for the non-DBO users, since much of the 
information in the message is irrelevant for them.

I agree with Knut Anders, and find option (2) the most attractive.
Have you considered writing a message to derby.log in addition to the SQL 
warning? This could increase the level of encouragment for changing the 
password, but we obviously don't want to "spam" the log either.
                
> NATIVE warns about password expiry for DBO
> ------------------------------------------
>
>                 Key: DERBY-5647
>                 URL: https://issues.apache.org/jira/browse/DERBY-5647
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions: 10.9.0.0
>            Reporter: Knut Anders Hatlen
>            Priority: Minor
>
> The DBO's password cannot expire. Still, NATIVE warns that the password is 
> about to expire.
> ij> connect 'jdbc:derby:authdb;create=true;user=admin';
> ij> call 
> syscs_util.syscs_set_database_property('derby.authentication.native.passwordLifetimeMillis',
>  '100');
> 0 rows inserted/updated/deleted
> ij> call syscs_util.syscs_create_user('ADMIN', '%*$');
> 0 rows inserted/updated/deleted
> ij> call 
> syscs_util.syscs_set_database_property('derby.authentication.provider', 
> 'NATIVE::LOCAL');
> 0 rows inserted/updated/deleted
> ij> connect 'jdbc:derby:authdb;shutdown=true';
> ERROR 08006: Database 'authdb' shutdown.
> ij> connect 'jdbc:derby:authdb;user=admin;password=%*$';
> WARNING 01J15: Your password will expire in 0 day(s). Please use the 
> SYSCS_UTIL.SYSCS_MODIFY_PASSWORD  procedure to change your password.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to