[jira] [Updated] (DERBY-5647) NATIVE warns about password expiry for DBO

Tue, 13 Mar 2012 06:44:05 -0700 

     [ 
https://issues.apache.org/jira/browse/DERBY-5647?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Rick Hillegas updated DERBY-5647:
---------------------------------

    Attachment: derby-5647-01-aa-staleDBOpassword.diff

Attaching derby-5647-01-aa-staleDBOpassword.diff. This patch adds a new warning 
message for the expiration of the DBO's password, as Knut and Kristian advised. 
Committed at subversion revision 1300120.

I'm not clear on whether we should write password expiration warnings to 
derby.log. As Kristian notes, this could just turn into spam. In addition, I 
would feel more comfortable about writing this kind of information to a 
security audit log rather than to the general diagnostic log (and we don't have 
a separate security audit log yet).

Touches the following files:

M       
java/engine/org/apache/derby/impl/jdbc/authentication/NativeAuthenticationServiceImpl.java
M       java/engine/org/apache/derby/loc/messages.xml
M       java/shared/org/apache/derby/shared/common/reference/SQLState.java
M       
java/testing/org/apache/derbyTesting/functionTests/tests/lang/NativeAuthenticationServiceTest.java

                
> NATIVE warns about password expiry for DBO
> ------------------------------------------
>
>                 Key: DERBY-5647
>                 URL: https://issues.apache.org/jira/browse/DERBY-5647
>             Project: Derby
>          Issue Type: Bug
>          Components: Services
>    Affects Versions: 10.9.0.0
>            Reporter: Knut Anders Hatlen
>            Priority: Minor
>         Attachments: derby-5647-01-aa-staleDBOpassword.diff
>
>
> The DBO's password cannot expire. Still, NATIVE warns that the password is 
> about to expire.
> ij> connect 'jdbc:derby:authdb;create=true;user=admin';
> ij> call 
> syscs_util.syscs_set_database_property('derby.authentication.native.passwordLifetimeMillis',
>  '100');
> 0 rows inserted/updated/deleted
> ij> call syscs_util.syscs_create_user('ADMIN', '%*$');
> 0 rows inserted/updated/deleted
> ij> call 
> syscs_util.syscs_set_database_property('derby.authentication.provider', 
> 'NATIVE::LOCAL');
> 0 rows inserted/updated/deleted
> ij> connect 'jdbc:derby:authdb;shutdown=true';
> ERROR 08006: Database 'authdb' shutdown.
> ij> connect 'jdbc:derby:authdb;user=admin;password=%*$';
> WARNING 01J15: Your password will expire in 0 day(s). Please use the 
> SYSCS_UTIL.SYSCS_MODIFY_PASSWORD  procedure to change your password.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to