You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by rh...@apache.org on 2012/01/26 19:25:25 UTC
svn commit: r1236340 - in /db/derby/code/trunk/java:
engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java
Author: rhillegas
Date: Thu Jan 26 18:25:24 2012
New Revision: 1236340
URL: http://svn.apache.org/viewvc?rev=1236340&view=rev
Log:
DERBY-866: Add new upgrade test for NATIVE authentication and improve error raised when trying to read credentials in a database which hasn't been hard-upgraded to 10.9.
Modified:
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java?rev=1236340&r1=1236339&r2=1236340&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java Thu Jan 26 18:25:24 2012
@@ -7931,6 +7931,12 @@ public final class DataDictionaryImpl
public UserDescriptor getUser( String userName )
throws StandardException
{
+ //
+ // No sense looking for the SYSUSERS congomerate until the database
+ // is hard-upgraded to 10.9 or later.
+ //
+ dictionaryVersion.checkVersion( DD_VERSION_DERBY_10_9, "NATIVE AUTHENTICATION" );
+
ExecIndexRow keyRow;
TabInfoImpl ti = getNonCoreTI( SYSUSERS_CATALOG_NUM );
Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java?rev=1236340&r1=1236339&r2=1236340&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java Thu Jan 26 18:25:24 2012
@@ -48,6 +48,9 @@ public class Changes10_9 extends Upgrade
//
///////////////////////////////////////////////////////////////////////////////////
+ private static final String UPGRADE_REQUIRED = "XCL47";
+ private static final String INVALID_PROVIDER_CHANGE = "XCY05";
+
///////////////////////////////////////////////////////////////////////////////////
//
// STATE
@@ -205,11 +208,7 @@ public class Changes10_9 extends Upgrade
private void vetNativeProcs( Statement s, boolean shouldExist ) throws Exception
{
// make sure that an authentication algorithm has been set
- String defaultDigestAlgorithm = getDatabaseProperty( s, "derby.authentication.builtin.algorithm" );
- if ( defaultDigestAlgorithm == null )
- {
- setDatabaseProperty( s, "derby.authentication.builtin.algorithm", "SHA-1" );
- }
+ String defaultDigestAlgorithm = pushAuthenticationAlgorithm( s );
try {
s.execute( "call syscs_util.syscs_create_user( 'fred', 'fredpassword' )" );
@@ -245,6 +244,23 @@ public class Changes10_9 extends Upgrade
}
// restore the authentication algorithm if we changed it
+ popAuthenticationAlgorithm( s, defaultDigestAlgorithm );
+ }
+ private String pushAuthenticationAlgorithm( Statement s ) throws Exception
+ {
+ // make sure that an authentication algorithm has been set.
+ // otherwise, we won't be able to create NATIVE users.
+ String defaultDigestAlgorithm = getDatabaseProperty( s, "derby.authentication.builtin.algorithm" );
+ if ( defaultDigestAlgorithm == null )
+ {
+ setDatabaseProperty( s, "derby.authentication.builtin.algorithm", "SHA-1" );
+ }
+
+ return defaultDigestAlgorithm;
+ }
+ private void popAuthenticationAlgorithm( Statement s, String defaultDigestAlgorithm ) throws Exception
+ {
+ // restore the authentication algorithm if we changed it
if ( defaultDigestAlgorithm == null )
{
setDatabaseProperty( s, "derby.authentication.builtin.algorithm", null );
@@ -275,6 +291,51 @@ public class Changes10_9 extends Upgrade
}
/**
+ * Make sure that NATIVE LOCAL authentication can't be turned on
+ * before hard-upgrade.
+ */
+ public void testNativeLocalAuthentication() throws Exception
+ {
+ Statement s = createStatement();
+
+ switch ( getPhase() )
+ {
+ case PH_CREATE: // create with old version
+ case PH_POST_SOFT_UPGRADE: // soft-downgrade: boot with old version after soft-upgrade
+
+ //
+ // It's possible (although very unlikely) that someone could set the
+ // authentication provider to be NATIVE::LOCAL in an old database
+ // just before upgrading. If they do this, they will get an error at
+ // soft-upgrade time and they will have to back off to the old
+ // derby version in order to unset the authentication provider.
+ //
+ setDatabaseProperty( s, "derby.authentication.provider", "NATIVE::LOCAL" );
+ setDatabaseProperty( s, "derby.authentication.provider", null );
+ break;
+
+ case PH_SOFT_UPGRADE: // boot with new version and soft-upgrade
+ setDatabaseProperty( s, "derby.authentication.provider", "com.acme.AcmeAuthenticator" );
+ assertStatementError
+ (
+ UPGRADE_REQUIRED, s,
+ "call syscs_util.syscs_set_database_property( 'derby.authentication.provider', 'NATIVE::LOCAL' )"
+ );
+ setDatabaseProperty( s, "derby.authentication.provider", null );
+ break;
+
+ case PH_HARD_UPGRADE: // boot with new version and hard-upgrade
+ //
+ // Can't actually turn on NATIVE LOCAL authentication in the upgrade tests because, once turned on,
+ // you can't turn it off and that would mess up later tests.
+ //
+ break;
+ }
+
+ s.close();
+ }
+
+ /**
* Make sure builtin authentication doesn't use a hash scheme that's not
* supported by the old version until the database has been hard upgraded.
* See DERBY-4483 and DERBY-5539.