create login sea with password = 'Atlantic-ocean';
A GRANT statement to execute if we allow the above 'sea'
login to create another login called 'jellyfish' with a password 'Jelly-fish'.
create user jellyfish for login sea;
grant alter user jellyfish
with password = 'Jelly-fish';
msg 33234 parameter password cannot be provided for users that cannot
authenticate in a database.
Related
I've created a custom Authentication Scheme, using a FUNCTION authenticate(username_in IN VARCHAR2, password_in IN VARCHAR2) RETURN BOOLEAN that returns TRUE if the username/password is correct, and FALSE otherwise + the HASH_PASSWORD function to encrypt the password.
I have a users page and when I modify a user password and try to log-in with the new password, I get the invalid credentials, however the password are the same.
I can only modify the password directly from the database.
What I am doing wrong?
When we create users/roles (see examples below) how are the passwords stored persistently? Are these stored in some encrypted form, and not as plain text?
# YSQL
CREATE USER tester WITH PASSWORD 'test_password';
or,
# YCQL
CREATE ROLE IF NOT EXISTS john WITH PASSWORD = 'test_password' AND LOGIN = true
For both APIs they are stored in an encrypted form.
I am using AWS cognito API to create User in pool. User is being created successfully in Pool.
Following is the code for that . But this code create user with FORCE_CHANGE_PASSWORD state but I want to create user in UNCONFIRMED state. Can someone help me on this?
AdminCreateUserRequest cognitoRequest =
new AdminCreateUserRequest().withUserPoolId(id)
.withUsername(r.getEmail())
.withTemporaryPassword(r.getPassword().trim())
.withUserAttributes(new AttributeType().withName(Constants.EMAIL).withValue(r.getEmail().trim()))
.withUserAttributes(new AttributeType().withName(Constants.EMAI_VERIFIED).withValue("false"))
.withUserAttributes(new AttributeType().withName(Constants.GIVEN_NAME).withValue(r.getFirstName().trim()))
.withUserAttributes(new AttributeType().withName(Constants.FAMILY_NAME).withValue(r.getLastName().trim()));
You can use SignUpRequest to create user with unconfirmed status
SignUpRequest request = new SignUpRequest().withClientId(clientId)
.withUsername(userSignUpRequest.getUsername()).withPassword(userSignUpRequest.getPassword())
.withUserAttributes(emailAttr, groupAttr);
return cognitoClient.signUp(request)
After signup, user will get code on the email mentioned during signup.You can confirm user signup using different request taking code from user as input.
An example of changing the username is
ALTER USER Mary5 WITH NAME = Mary51;
(from
https://learn.microsoft.com/en-us/sql/t-sql/statements/alter-user-transact-sql?view=sql-server-2017
)
However that requires special permission.
I am looking for a way to change the username from only having the username and password of the same simple user of whom I want to change
such as
ALTER LOGIN ALogin WITH PASSWORD = 'Se6ure?' OLD_PASSWORD = '2Secr#s';
which is an example from https://sqlity.net/en/2322/change-password/.
This means the user themselves can alter their own password without any special permission, I want the same but for usernames.
(I used this as ALTER USER AUser WITH PASSWORD = 'Se6ure?' OLD_PASSWORD = '2Secr#s'; because I'm only altering users, not logins)
So overall, is there any way of altering a username of a user given you have the password and username of the same user and that user hasn't been granted any special permissions?
I have a Store procedure to create auto generate SQl users.
code to create User
CREATE LOGIN userName with PASSWORD= 'autoGeneratedPass'
Problem: When the auto generated Password is weak then i got the below error
Password validation failed. The password does not meet Windows policy requirements because it is too short.
so i turned off Windows policy checking
Code
CREATE LOGIN userName with PASSWORD= 'autoGeneratedPass' CHECK_POLICY = OFF
If i did that any hidden problem arise?