[ https://issues.apache.org/jira/browse/DERBY-3025?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12522726 ]
Knut Anders Hatlen commented on DERBY-3025: ------------------------------------------- I think the problem is that the embedded driver will try to use the securityMechanism attribute even though it does not make any sense in an embedded context. If I use a debug-enabled build, I get an assert failure instead of a NullPointerException: Caused by: org.apache.derby.shared.common.sanity.AssertFailure: ASSERT FAILED Unexpected: Requester or server seed not available at org.apache.derby.shared.common.sanity.SanityManager.ASSERT(SanityManager.java:120) at org.apache.derby.impl.jdbc.authentication.AuthenticationServiceBase.substitutePassword(AuthenticationServiceBase.java:489) at org.apache.derby.impl.jdbc.authentication.BasicAuthenticationServiceImpl.authenticateUser(BasicAuthenticationServiceImpl.java:228) at org.apache.derby.impl.jdbc.authentication.AuthenticationServiceBase.authenticate(AuthenticationServiceBase.java:222) at org.apache.derby.impl.jdbc.EmbedConnection.checkUserCredentials(EmbedConnection.java:582) at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:280) ... 17 more Perhaps we could remove the assert and instead throw a real SQLException with a message saying "The securityMechanism connection attribute should not be used on an embedded connection." > NPE when connecting to database with securityMechanism=8 > -------------------------------------------------------- > > Key: DERBY-3025 > URL: https://issues.apache.org/jira/browse/DERBY-3025 > Project: Derby > Issue Type: Bug > Components: Security > Affects Versions: 10.3.1.4 > Environment: Solaris x86 > Reporter: Alan Burlison > > If derby.drda.securityMechanism has *not* been set to > STRONG_PASSWORD_SUBSTITUTE_SECURITY and the database is opened with the > securityMechanism=8 property set, a NPE is thrown: > // Try opening the database. > Properties props = new Properties(); > props.put("securityMechanism", "8"); > props.put("user", dbUser); > props.put("password", dbPass); > Connection db = null; > try { > StringBuilder sb = new StringBuilder("jdbc:derby:"); > sb.append(dbName); > db = DriverManager.getConnection(sb.toString(), props); > } > // Handle exception > } > java.lang.NullPointerException'. [XJ001] > Caused by: java.sql.SQLException: Java exception: ': > java.lang.NullPointerException'. > at > org.apache.derby.impl.jdbc.SQLExceptionFactory40.getSQLException(Unknown > Source) > at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Unknown > Source) > at org.apache.derby.impl.jdbc.Util.javaException(Unknown Source) > at > org.apache.derby.impl.jdbc.TransactionResourceImpl.wrapInSQLException(Unknown > Source) > at > org.apache.derby.impl.jdbc.TransactionResourceImpl.handleException(Unknown > Source) > at org.apache.derby.impl.jdbc.EmbedConnection.handleException(Unknown > Source) > at org.apache.derby.impl.jdbc.EmbedConnection.<init>(Unknown Source) > at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(Unknown Source) > at org.apache.derby.impl.jdbc.EmbedConnection40.<init>(Unknown Source) > at org.apache.derby.jdbc.Driver40.getNewEmbedConnection(Unknown > Source) > at org.apache.derby.jdbc.InternalDriver.connect(Unknown Source) > at org.apache.derby.jdbc.AutoloadedDriver.connect(Unknown Source) > at java.sql.DriverManager.getConnection(DriverManager.java:582) > at java.sql.DriverManager.getConnection(DriverManager.java:154) > at org.opensolaris.auth.db.DBManager.openDatabase(DBManager.java:152) > ... 1 more > Caused by: java.sql.SQLException: Java exception: ': > java.lang.NullPointerException'. > at > org.apache.derby.impl.jdbc.SQLExceptionFactory.getSQLException(Unknown Source) > at > org.apache.derby.impl.jdbc.SQLExceptionFactory40.wrapArgsForTransportAcrossDRDA(Unknown > Source) > ... 16 more > Caused by: java.lang.NullPointerException > at > org.apache.derby.impl.jdbc.authentication.AuthenticationServiceBase.substitutePassword(Unknown > Source) > at > org.apache.derby.impl.jdbc.authentication.BasicAuthenticationServiceImpl.authenticateUser(Unknown > Source) > at > org.apache.derby.impl.jdbc.authentication.AuthenticationServiceBase.authenticate(Unknown > Source) > at > org.apache.derby.impl.jdbc.EmbedConnection.checkUserCredentials(Unknown > Source) > ... 10 more -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.