You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Knut Anders Hatlen (JIRA)" <ji...@apache.org> on 2010/05/05 10:24:02 UTC
[jira] Created: (DERBY-4642) Successful login with
securityMechanism=8 writes exception to log
Successful login with securityMechanism=8 writes exception to log
-----------------------------------------------------------------
Key: DERBY-4642
URL: https://issues.apache.org/jira/browse/DERBY-4642
Project: Derby
Issue Type: Bug
Components: Network Server
Affects Versions: 10.5.3.0, 10.4.1.3, 10.6.1.0, 10.7.0.0
Reporter: Knut Anders Hatlen
Priority: Minor
With authentication and strong password substitution enabled, the first connection to a database logs an exception, even if the connection attempt was successful.
Example:
Start a network server in one terminal:
$ java -Dderby.connection.requireAuthentication=true -Dderby.user.test=test -jar /code/derby/trunk0/jars/sane/derbynet.jar start
2010-05-05 08:04:00.857 GMT : Security manager installed using the Basic server security policy.
2010-05-05 08:04:01.121 GMT : Apache Derby Network Server - 10.7.0.0 alpha - (941167P) started and ready to accept connections on port 1527
Then, in another terminal, connect to the database using ij:
java -jar /code/derby/trunk0/jars/sane/derbyrun.jar ij
ij version 10.7
ij> connect 'jdbc:derby://localhost/db;create=true;user=test;password=test;securityMechanism=8';
ij> values 'I''m in! :)';
1
----------
I'm in! :)
1 row selected
ij>
Even though the connection was successfully established, the following exception is written to derby.log:
java.sql.SQLException: Connection authentication failure occurred. Reason: Invalid authentication..
at org.apache.derby.impl.jdbc.SQLExceptionFactory.getSQLException(SQLExceptionFactory.java:45)
at org.apache.derby.impl.jdbc.SQLExceptionFactory40.wrapArgsForTransportAcrossDRDA(SQLExceptionFactory40.java:119)
at org.apache.derby.impl.jdbc.SQLExceptionFactory40.getSQLException(SQLExceptionFactory40.java:70)
at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:142)
at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:148)
at org.apache.derby.impl.jdbc.Util.generateCsSQLException(Util.java:227)
at org.apache.derby.impl.jdbc.EmbedConnection.newSQLException(EmbedConnection.java:3044)
at org.apache.derby.impl.jdbc.EmbedConnection.checkUserCredentials(EmbedConnection.java:1218)
at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:402)
at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:73)
at org.apache.derby.impl.jdbc.EmbedConnection40.<init>(EmbedConnection40.java:54)
at org.apache.derby.jdbc.Driver40.getNewEmbedConnection(Driver40.java:68)
at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:238)
at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:119)
at org.apache.derby.impl.drda.Database.makeDummyConnection(Database.java:268)
at org.apache.derby.impl.drda.DRDAConnThread.validateSecMecUSRSSBPWD(DRDAConnThread.java:8834)
at org.apache.derby.impl.drda.DRDAConnThread.parseACCSEC(DRDAConnThread.java:1964)
at org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:948)
at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:295)
Logging an exception when nothing is wrong is confusing and may make users think there's a real problem.
The exception itself is harmless, though. Database.makeDummyConnection() is expected to fail in some circumstances. It attempts to connect to the database without specifying any credentials in order to boot the database. That code doesn't care whether a connection is returned or an exception is thrown, since the database is booted even if the credentials are invalid.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-4642) Successful login with
securityMechanism=8 writes exception to log
Posted by "Kristian Waagan (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-4642?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12864239#action_12864239 ]
Kristian Waagan commented on DERBY-4642:
----------------------------------------
FYI, I have observed this exception in derby.log from derbynet.NSSecurityMechanismTest, but I haven't investigated if it is expected or not.
> Successful login with securityMechanism=8 writes exception to log
> -----------------------------------------------------------------
>
> Key: DERBY-4642
> URL: https://issues.apache.org/jira/browse/DERBY-4642
> Project: Derby
> Issue Type: Bug
> Components: Network Server
> Affects Versions: 10.4.1.3, 10.5.3.0, 10.6.1.0, 10.7.0.0
> Reporter: Knut Anders Hatlen
> Priority: Minor
>
> With authentication and strong password substitution enabled, the first connection to a database logs an exception, even if the connection attempt was successful.
> Example:
> Start a network server in one terminal:
> $ java -Dderby.connection.requireAuthentication=true -Dderby.user.test=test -jar /code/derby/trunk0/jars/sane/derbynet.jar start
> 2010-05-05 08:04:00.857 GMT : Security manager installed using the Basic server security policy.
> 2010-05-05 08:04:01.121 GMT : Apache Derby Network Server - 10.7.0.0 alpha - (941167P) started and ready to accept connections on port 1527
> Then, in another terminal, connect to the database using ij:
> java -jar /code/derby/trunk0/jars/sane/derbyrun.jar ij
> ij version 10.7
> ij> connect 'jdbc:derby://localhost/db;create=true;user=test;password=test;securityMechanism=8';
> ij> values 'I''m in! :)';
> 1
> ----------
> I'm in! :)
> 1 row selected
> ij>
> Even though the connection was successfully established, the following exception is written to derby.log:
> java.sql.SQLException: Connection authentication failure occurred. Reason: Invalid authentication..
> at org.apache.derby.impl.jdbc.SQLExceptionFactory.getSQLException(SQLExceptionFactory.java:45)
> at org.apache.derby.impl.jdbc.SQLExceptionFactory40.wrapArgsForTransportAcrossDRDA(SQLExceptionFactory40.java:119)
> at org.apache.derby.impl.jdbc.SQLExceptionFactory40.getSQLException(SQLExceptionFactory40.java:70)
> at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:142)
> at org.apache.derby.impl.jdbc.Util.newEmbedSQLException(Util.java:148)
> at org.apache.derby.impl.jdbc.Util.generateCsSQLException(Util.java:227)
> at org.apache.derby.impl.jdbc.EmbedConnection.newSQLException(EmbedConnection.java:3044)
> at org.apache.derby.impl.jdbc.EmbedConnection.checkUserCredentials(EmbedConnection.java:1218)
> at org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:402)
> at org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:73)
> at org.apache.derby.impl.jdbc.EmbedConnection40.<init>(EmbedConnection40.java:54)
> at org.apache.derby.jdbc.Driver40.getNewEmbedConnection(Driver40.java:68)
> at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:238)
> at org.apache.derby.jdbc.AutoloadedDriver.connect(AutoloadedDriver.java:119)
> at org.apache.derby.impl.drda.Database.makeDummyConnection(Database.java:268)
> at org.apache.derby.impl.drda.DRDAConnThread.validateSecMecUSRSSBPWD(DRDAConnThread.java:8834)
> at org.apache.derby.impl.drda.DRDAConnThread.parseACCSEC(DRDAConnThread.java:1964)
> at org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:948)
> at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:295)
> Logging an exception when nothing is wrong is confusing and may make users think there's a real problem.
> The exception itself is harmless, though. Database.makeDummyConnection() is expected to fail in some circumstances. It attempts to connect to the database without specifying any credentials in order to boot the database. That code doesn't care whether a connection is returned or an exception is thrown, since the database is booted even if the credentials are invalid.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.