Special Characters in Passwords
I find a lot of how-to's with security and passwords. What I need to know is if there are restrictions in what types of characters can be used in good old plain text passwords? For example, if we set a password connection to a database in the 8-ds.xml file to Jbo$$is@llRight# why would it fail? Should it work?
Responses
Hello Liisa,
The only restriction would be invalid xml characters and/or restrictions imposed by RDBMS. Which EAP version you've observed the issue? I can try to reproduce it here in my local settings.
Thanks,
Usman
Hi Liisa,
EnterpriseDB is based on PostgreSQL, I just tested it with PostgreSQL 9 and it works without any issues:
postgres-ds.xml:
<datasources>
<local-tx-datasource>
<jndi-name>PostgresDS</jndi-name>
<connection-url>jdbc:postgresql://localhost:5432/postgres</connection-url>
<driver-class>org.postgresql.Driver</driver-class>
<user-name>test</user-name>
<password>Jbo$$is@llRight#</password>
<!-- sql to call when connection is created. Can be anything, select 1 is valid for PostgreSQL-->
<new-connection-sql>select 1</new-connection-sql>
<!-- sql to call on an existing pooled connection when it is obtained from pool. Can be anything, select 1 is valid for PostgreSQL -->
<check-valid-connection-sql>select 1</check-valid-connection-sql>
<!-- corresponding type-mapping in the standardjbosscmp-jdbc.xml (optional) -->
<metadata>
<type-mapping>PostgreSQL</type-mapping>
</metadata>
</local-tx-datasource>
</datasources>
index.jsp:
<%@page import="javax.sql.DataSource"%>
<%@page import="javax.naming.InitialContext"%>
<%@page import="javax.naming.Context"%>
<%@page import="java.sql.*"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>DB Lookup</title>
</head>
<body>
Looking up PostgresDS ...<br />
<%
Context ic = new InitialContext();
DataSource ds = (DataSource) ic.lookup("java:/PostgresDS");
Connection con = ds.getConnection();
Statement s = con.createStatement();
ResultSet rs = s.executeQuery("SELECT 1");
rs.close();
s.close();
con.close();
%>
Passed!
</body>
</html>
Note that I created user 'test' as a superuser, here is the output of \du from psql in my settings:
postgres=# \du
List of roles
Role name | Attributes | Member of
-----------+-----------------------------------+-----------
postgres | Superuser, Create role, Create DB | {}
rhqadmin | | {}
test | Superuser, Create role, Create DB | {}
Can you double check whether the user you are testing has correct attributes, and/or, try altering password again (are you able to login to that user via psql?).
Can you post your -ds.xml file and the code that you are using to connect to database. Any log snippets from server.log to show exactly what error you are getting?
Thanks,
Usman
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
