[ https://issues.apache.org/jira/browse/DERBY-4483?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12838850#action_12838850 ]

Knut Anders Hatlen commented on DERBY-4483:
-------------------------------------------

One note about testing:

There are no tests in experiment.diff. There will of course have to be tests in 
the final patch. In addition to tests of the basic functionality, there should 
also be upgrade tests to verify that it works as expected in full and soft 
upgrade, as well as that you can move back to older versions after a soft 
upgrade. I don't know if the upgrade tests currently support tests that use 
authentication. I will have to look at that.

I did however run derbyall and suites.All with the patch and saw no failures 
(as expected since the old code path was still used in all tests).

I also ran derbyall and suites.All with a variant of the patch that hard-coded 
the use of the new scheme with the SHA-256 algorithm. Only one test failed, 
NSSecurityMechanismTest. This was an expected failure because of the 
incompatibility with the strong password substitution mechanism mentioned in my 
previous comment.

> Provide a way to change the hash algorithm used by BUILTIN authentication
> -------------------------------------------------------------------------
>
>                 Key: DERBY-4483
>                 URL: https://issues.apache.org/jira/browse/DERBY-4483
>             Project: Derby
>          Issue Type: Improvement
>          Components: Services
>    Affects Versions: 10.5.3.0
>            Reporter: Knut Anders Hatlen
>            Assignee: Knut Anders Hatlen
>            Priority: Minor
>         Attachments: experiment.diff
>
>
> The BUILTIN authentication scheme protects the passwords by hashing them with 
> the SHA-1 algorithm. It would be nice to have a way to specify a different 
> algorithm so that users can take advantage of new, stronger algorithms 
> provided by their JCE provider if so desired.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
