Deprecated user password field should be removed
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Evergreen |
Confirmed
|
Medium
|
Unassigned | ||
Bug Description
Evergreen 3.0
As of Evergreen 2.10, patron passwords are stored in a new table (bug #1468422). We should probably remove the old actor.usr.passwd column. More than just removing cruft, the meat of this bug is that its implementation requires EG sites to completely migrate all passwords to the new, more secure format.
To recap, EG instances created before version 2.10 may have users whose passwords have not yet been migrated to the new actor.passwd table. Migration requires either a login or a forced migration (via SQL). The actor.usr.passwd column cannot be removed until all passwords are migrated.
Password migration is a time-consuming process. (Based on concerto tests on a dev VM, it takes roughly 1 minute per thousand passwords). Because of this, we would want to provide plenty of warning before a migration is required so admins have the option to manually migrate in batches before it's required by an upgrade.
| description: | updated |
| tags: | added: deprecation patron |
| Changed in evergreen: | |
| milestone: | none → 3.next |
| status: | New → Confirmed |
| importance: | Undecided → Medium |
| tags: | added: cleanup |
