[jira] Commented: (DERBY-1711) In an embedded env, connection happens properly even when the password supplied is wrong.
[ http://issues.apache.org/jira/browse/DERBY-1711?page=comments#action_12432724 ] Chinmay Bajikar commented on DERBY-1711: Hi Rajesh, Thanks to you and Francois... I didnt get that part about the db shutdown which francois mentioned. Thanks to your script which cleared everything off. Closing this issue. Thanks again, Chinmay In an embedded env, connection happens properly even when the password supplied is wrong. - Key: DERBY-1711 URL: http://issues.apache.org/jira/browse/DERBY-1711 Project: Derby Issue Type: Bug Components: JDBC Affects Versions: 10.1.3.1 Environment: Win XP,Java 1.4.x Reporter: Chinmay Bajikar Attachments: 1171.sql, derby.zip Hi, I am a new user of Derby. Have tried to set user authorization at the database level using the example given in the Derby Dev Guide.(Page 85). The steps that I do are as follows, 1)Create a db (using create=true attribute in the connection url) 2) Connect to the db and set the appropriate properties i.e. set requireAuthentication to true,provider to builtin, add a new user,passwrd and give it full access. 3) Set the default access level to noAccess. 4) Close this connection. 5) Now make a new connection using the user name/passwd.It connects fine. 6) Now try to make a new connection using a wrong user name and it gives a Connection Refused exception. 7) Finally try giving a right username and wrong passwd and the connection still happens. Have attached the source file which does all these above steps for reproducing the issue. Thanks, Chinmay. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (DERBY-1711) In an embedded env, connection happens properly even when the password supplied is wrong.
[ http://issues.apache.org/jira/browse/DERBY-1711?page=comments#action_12432370 ] Chinmay Bajikar commented on DERBY-1711: Hi Francois, Thnks for your observations...But I have tried doing wht you have suggested. It doesnt seem to work even then. If you have a look at the example, you shall see that, the connection is disallowed if the user-name is wrong. But its allowed if the user-name is correct and the password is wrong. If you can, please try out the example. Thanks, Chinmay. In an embedded env, connection happens properly even when the password supplied is wrong. - Key: DERBY-1711 URL: http://issues.apache.org/jira/browse/DERBY-1711 Project: Derby Issue Type: Bug Components: JDBC Affects Versions: 10.1.3.1 Environment: Win XP,Java 1.4.x Reporter: Chinmay Bajikar Attachments: derby.zip Hi, I am a new user of Derby. Have tried to set user authorization at the database level using the example given in the Derby Dev Guide.(Page 85). The steps that I do are as follows, 1)Create a db (using create=true attribute in the connection url) 2) Connect to the db and set the appropriate properties i.e. set requireAuthentication to true,provider to builtin, add a new user,passwrd and give it full access. 3) Set the default access level to noAccess. 4) Close this connection. 5) Now make a new connection using the user name/passwd.It connects fine. 6) Now try to make a new connection using a wrong user name and it gives a Connection Refused exception. 7) Finally try giving a right username and wrong passwd and the connection still happens. Have attached the source file which does all these above steps for reproducing the issue. Thanks, Chinmay. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (DERBY-1711) In an embedded env, connection happens properly even when the password supplied is wrong.
[ http://issues.apache.org/jira/browse/DERBY-1711?page=comments#action_12429746 ] Francois Orsini commented on DERBY-1711: Hi Chinmay, This is not a bug - The 'derby.connection.requireAuthentication' derby property is a static one - Once it is set to true to turn on authentication, the database or derby instance needs to be re-booted - So, if you set this property to true at the database level, just shutdown the database and re-open a connection to that database for the property to be taken into account during the following database boot... However, the example in the guide does NOT do some proper testing in my opinion - it basically checks if the properties have been set but it does NOT intrinsically check if authentication has really been turned by doing more negative testing...The example also does NOT shutdown and restart the database for the derby static properties to be taken into acount. This bug should be converted into a documentation one - I also believe that we need to highlight more the fact that the 'derby.connection.requireAuthentication' property is a static one... Hope this helps - in the meantime... In an embedded env, connection happens properly even when the password supplied is wrong. - Key: DERBY-1711 URL: http://issues.apache.org/jira/browse/DERBY-1711 Project: Derby Issue Type: Bug Components: JDBC Affects Versions: 10.1.3.1 Environment: Win XP,Java 1.4.x Reporter: Chinmay Bajikar Attachments: derby.zip Hi, I am a new user of Derby. Have tried to set user authorization at the database level using the example given in the Derby Dev Guide.(Page 85). The steps that I do are as follows, 1)Create a db (using create=true attribute in the connection url) 2) Connect to the db and set the appropriate properties i.e. set requireAuthentication to true,provider to builtin, add a new user,passwrd and give it full access. 3) Set the default access level to noAccess. 4) Close this connection. 5) Now make a new connection using the user name/passwd.It connects fine. 6) Now try to make a new connection using a wrong user name and it gives a Connection Refused exception. 7) Finally try giving a right username and wrong passwd and the connection still happens. Have attached the source file which does all these above steps for reproducing the issue. Thanks, Chinmay. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
