[jira] Commented: (DERBY-4642) Successful login with securityMechanism=8 writes exception to log

["Kristian Waagan (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/DERBY-4642?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12864239#action_12864239 ] 

Kristian Waagan commented on DERBY-4642:
----------------------------------------

FYI, I have observed this exception in derby.log from derbynet.NSSecurityMechanismTest, but I haven't investigated if it is expected or not.

> Successful login with securityMechanism=8 writes exception to log
> -----------------------------------------------------------------
>
>                 Key: DERBY-4642
>                 URL: https://issues.apache.org/jira/browse/DERBY-4642
>             Project: Derby
>          Issue Type: Bug
>          Components: Network Server
>    Affects Versions: 10.4.1.3, 10.5.3.0, 10.6.1.0, 10.7.0.0
>            Reporter: Knut Anders Hatlen
>            Priority: Minor
>
> With authentication and strong password substitution enabled, the first connection to a database logs an exception, even if the connection attempt was successful.
> Example:
> Start a network server in one terminal:
> $ java -Dderby.connection.requireAuthentication=true -Dderby.user.test=test -jar /code/derby/trunk0/jars/sane/derbynet.jar start
> 2010-05-05 08:04:00.857 GMT : Security manager installed using the Basic server security policy.
> 2010-05-05 08:04:01.121 GMT : Apache Derby Network Server - 10.7.0.0 alpha - (941167P) started and ready to accept connections on port 1527
> Then, in another terminal, connect to the database using ij:
> java -jar /code/derby/trunk0/jars/sane/derbyrun.jar ij
> ij version 10.7
> ij> connect 'jdbc:derby://localhost/db;create=true;user=test;password=test;securityMechanism=8';
> ij> values 'I''m in! :)';
> 1         
> ----------
> I'm in! :)
> 1 row selected
> ij> 
> Even though the connection was successfully established, the following exception is written to derby.log:
> java.sql.SQLException: Connection authentication failure occurred.  Reason: Invalid authentication..
>         at org.apache.derby.impl.jdbc.SQLExceptionFactory.getSQLException(SQLExceptionFactory.java:45)
>         at org.apache.derby.impl.jdbc.SQLExceptionFactory40.wrapArgsForTransportAcrossDRDA(SQLExceptionFactory40.java:119)
>         at org.apache.derby.impl.jdbc.SQLExceptionFactory40.getSQLException(SQLExceptionFactory40.java:70)
>         at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:142)
>         at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:148)
>         at org.apache.derby.impl.jdbc.Util.generateCsSQLException(Util.java:227)
>         at org.apache.derby.impl.jdbc.EmbedConnection.newSQLException(EmbedConnection.java:3044)
>         at org.apache.derby.impl.jdbc.EmbedConnection.checkUserCredentials(EmbedConnection.java:1218)
>         at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:402)
>         at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:73)
>         at org.apache.derby.impl.jdbc.EmbedConnection40.<init>(EmbedConnection40.java:54)
>         at org.apache.derby.jdbc.Driver40.getNewEmbedConnection(Driver40.java:68)
>         at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:238)
>         at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:119)
>         at org.apache.derby.impl.drda.Database.makeDummyConnection(Database.java:268)
>         at org.apache.derby.impl.drda.DRDAConnThread.validateSecMecUSRSSBPWD(DRDAConnThread.java:8834)
>         at org.apache.derby.impl.drda.DRDAConnThread.parseACCSEC(DRDAConnThread.java:1964)
>         at org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:948)
>         at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:295)
> Logging an exception when nothing is wrong is confusing and may make users think there's a real problem.
> The exception itself is harmless, though. Database.makeDummyConnection() is expected to fail in some circumstances. It attempts to connect to the database without specifying any credentials in order to boot the database. That code doesn't care whether a connection is returned or an exception is thrown, since the database is booted even if the credentials are invalid.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.