Details
-
Bug
-
Resolution: Rejected
-
P3
-
None
-
9.0.0
-
generic
-
generic
Description
A DESCRIPTION OF THE PROBLEM :
First of all, this happens after upgrade from 8.1.0 to 9.0.0 (versions that this bug reporting page doesn't have, so versions in "Release"and "Previously worked in the Release" fields are bogus.
The problem: after upgrading JMC from 8.1.0 to 9.0.0 and copying old "org.openjdk.jmc.rjmx.prefs" and "org.openjdk.jmc.ui.common.prefs" files (which store connection settings and encrypted credentials) new JMC is unable to open them because it doesn't accept the master password which was used to encrypt these credentials!
I believe this is a regression introduced in https://bugs.openjdk.org/browse/JMC-7820 which added validations for master password. Unfortunately, it seems that after this change it is not only not possible to create a new master password which doesn't confirm to the validation rules but also use already existing master password which was created before these validations were put in place and now doesn't confirm to them!
REGRESSION : Last worked in version 8.2.0
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Install JMC 9.0.0.
2. Copy ~/.jmc/8.1.0/.metadata/.plugins/org.eclipse.core.runtime/.settings/org.openjdk.jmc.rjmx.prefs and ~/.jmc/8.1.0/.metadata/.plugins/org.eclipse.core.runtime/.settings/org.openjdk.jmc.ui.common.prefs into corresponding locations inside ~/.jmc/9.0.0.
3. Start JMC 9.0.0. It shows the connection list, as expected.
4. Try to start flight recording for any connection that has credentials.
5. "Verify Master Password" dialog opens asking for master password, as expected.
6. After entering correct master password which was used previously to save these credentials it is not possible to press "OK" button because it is inactive and "Password must contain at least one lowercase character, one uppercase character, one digit, one special character, and have a length between 8 to 20." message is displayed on top of the dialog.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
it should be possible to open already existing credentials using the old master password even if it doesn't confirm to the new validation rules. If necessary for security reasons, ask for a new master password (according to new rules) and migrate the data - decrypting with the old password and encrypting with the new one. It is not cool to just lose access in case a person had many saved connections.
CUSTOMER SUBMITTED WORKAROUND :
I hope it should be possible to open the connections with the old JMC, change master password in a way that it matches expectations of the new version and then try to use them with the new version. Didn't try this yet as I didn't find yet a place where I can download JMC < 8.3.0, the oldest version I see is 8.3.1: https://www.oracle.com/java/technologies/javase/products-jmc8-downloads.html
FREQUENCY : always