[
https://issues.apache.org/jira/browse/DERBY-3537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12580614#action_12580614
]
Daniel John Debrunner commented on DERBY-3537:
----------------------------------------------
I read the code to be a shutdown due to a SSLException is a shutdown due to
some failure in the server.
In that case requiring a user/password and permission seems wrong, especially
since the code that
started the server is the code that is calling this shutdown and a
user/password is not required for startup.
> Invalid use shutdown authentication checks in
> NetworkServerControlImpl.directShutdown()
> ----------------------------------------------------------------------------------------
>
> Key: DERBY-3537
> URL: https://issues.apache.org/jira/browse/DERBY-3537
> Project: Derby
> Issue Type: Bug
> Components: Network Server
> Reporter: Daniel John Debrunner
> Priority: Minor
>
> If ClientThread hits an SSLException exception it will call
> NetworkServerControlImpl.directShutdown().
> DERBY-2109 added privilege checking to directShutdown() that includes
> authentication.
> I can't see how this call by ClientThread can be valid. Authentication is not
> required to start the network server, thus a NetworkServerControl with no
> user,password may be used and thus passed onto directShutdown() failing
> authentication and then failing to perform the failed shutdown?
> I think the error was adding the privilege check in DERBY-2109, it looks like
> this method is for use only within the network server (actually this is the
> only use of it), maybe the correct security mechanism would have been to make
> the method package private?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
