[
https://issues.apache.org/jira/browse/DERBY-5741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13267631#comment-13267631
]
Rick Hillegas commented on DERBY-5741:
--------------------------------------
Technically, this behavior is correct although the error message is not
helpful. The NATIVE authentication service boots only when the authentication
provider begins with NATIVE: (note the trailing colon). The trailing colon
unambiguously marks the provider value as something which could not be a legal
class name. For backward compatibility reasons, any value of
derby.authentication.provider (other than BUILTIN and LDAP) which could be a
class name is handed to the user-defined authentication service. The
user-defined authentication service attempts to instantiate that class and boot
it as the authentication provider.
One fix to this confusion would be for the user-authentication service to throw
a more helpful error message. Maybe a message which says that the value of
derby.authentication.provider is not LDAP or BUILTIN, and does not begin with
NATIVE:, and does not identify a class which can be reached.
Would that be satisfactory? Thanks.
> Native user authentication: improve checking of syntax
> ------------------------------------------------------
>
> Key: DERBY-5741
> URL: https://issues.apache.org/jira/browse/DERBY-5741
> Project: Derby
> Issue Type: Improvement
> Components: Services
> Affects Versions: 10.9.0.0
> Reporter: Dag H. Wanvik
> Priority: Minor
> Attachments: repro2.sh
>
>
> Trying to set derby.authentication.provider to "NATIVE:" correctly gives an
> error message complaining about the syntax:
> "ERROR XCY05: Invalid setting of the derby.authentication.provider property.
> This property cannot be set to NATIVE::LOCAL unless credentials for the
> database owner have been stored in the database using the
> SYSCS_UTIL.SYSCS_CREATE_USER procedure."
> Trying to set it as "NATIVE" (no trailing colon) does not treat this the
> value as a malformed NATIVE authentication specification. This leads to it
> being interpreted as a used defined authentication class, so when I attempt
> to connect after disconnection from the database I see:
> ERROR XJ040: Failed to start database 'cred' with class loader
> sun.misc.Launcher$AppClassLoader@18d107f, see the next exception for details.
> ERROR XJ001: Java exception: 'NATIVE: java.lang.ClassNotFoundException'.
> Another thing is that the error message in the first place is out of date
> now: we never shoudl be setting "NATIVE::LOCAL" explicitly, it id does once
> the first user is created according to version 7.0 of the spec. See
> DERBY-5742.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
