Improved database upgrade system (JM-603). Added support for encrypted passwords (JM-291).

git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@3593 b35dd754-fafc-0310-a699-88a17e54d16e

Improved database upgrade system (JM-603). Added support for encrypted passwords (JM-291).
git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@3593 b35dd754-fafc-0310-a699-88a17e54d16e
cfc880e2 · Matt Tucker · matt · 3e0cd231 · cfc880e2 · cfc880e2
Commit cfc880e2 authored Mar 20, 2006 by Matt Tucker Committed by matt Mar 20, 2006
56 changed files
--- a/documentation/docs/database-guide.html
+++ b/documentation/docs/database-guide.html
@@ -9,9 +9,9 @@
 <h1>Wildfire Database Schema Guide</h1>
 <h2>Introduction</h2>
 <p>
-This document outlines the data type conventions and tables in the Jive
+This document outlines the data type conventions and tables in the Wildfire database schema.
-Wildfire 2.1 database schema. Some information, like column indexes and foreign keys, is
+Some information, like column indexes and foreign keys, is omitted. For this, please read
-omitted. For this, please read the individual schema of the database you're interested in.
+the individual schema of the database you're interested in.
 <br>
 </p>
 <h2>Data Type Conventions</h2>
@@ -49,6 +49,7 @@ A <span class="primary-key">yellow row</span> denotes a primary key.
  <li><a href="#jiveRosterGroups">jiveRosterGroups</a> </li>
  <li><a href="#jivePrivacy">jivePrivacyList</a> </li>
  <li><a href="#jiveVCard">jiveVCard</a> </li>
+  <li><a href="#jiveVersion">jiveVersion</a> </li>
  <li><a href="#jiveProperty">jiveProperty</a><br>
  </li>
  <li><a href="#jiveExtComponentConf">jiveExtComponentConf</a> </li>
@@ -326,7 +327,13 @@ Key)<br>
      <td>password</td>
      <td>VARCHAR</td>
      <td>32</td>
-      <td>Password Data (plain-text or MD5 hash depending on settings)</td>
+      <td>Plain-text password data</td>
+    </tr>
+      <tr>
+      <td>encryptedPassword</td>
+      <td>VARCHAR</td>
+      <td>255</td>
+      <td>Encrypted password data (default)</td>
    </tr>
    <tr>
      <td>name</td>
@@ -592,6 +599,36 @@ roster)</th>
 <br>
 <br>
 <br>
+<a name="jiveVersion"></a>
+<table class="dbtable">
+  <tbody>
+    <tr>
+      <th colspan="4">jiveVersion (contains product version information)</th>
+    </tr>
+    <tr>
+      <th>Column Name</th>
+      <th>Type</th>
+      <th>Length</th>
+      <th>Description</th>
+    </tr>
+    <tr class="primary-key">
+      <td>name</td>
+      <td>VARCHAR</td>
+      <td>50</td>
+      <td>Name of the item that version information is being tracked for (Primary Key)</td>
+    </tr>
+    <tr>
+      <td>version</td>
+      <td>INTEGER</td>
+      <td>n/a</td>
+      <td>The version number</td>
+    </tr>
+  </tbody>
+</table>
+&nbsp;<a href="#top" class="top">top of page</a>
+<br>
+<br>
+<br>
 <a name="jiveProperty"></a>
 <table class="dbtable">
  <tbody>

--- a/src/database/upgrade/1.1_to_2.0/wildfire_db2.sql
+++ b/src/database/upgrade/1.1_to_2.0/wildfire_db2.sql
-- $RCSfile$
 -- $Revision: 395 $
 -- $Date: 2004-11-13 16:57:13 -0300 (Sat, 13 Nov 2004) $
-- upgrades from Wildfire 1.1.x to 2.0.x
 -- jiveUser: Adds new column "username". Removes "nameVisible" & "emailVisible". Changes primary key
 ALTER TABLE jiveUser ADD COLUMN username VARCHAR(32) NOT NULL;
 ALTER TABLE jiveUser DROP COLUMN nameVisible;

--- a/src/database/upgrade/1.1_to_2.0/wildfire_hsqldb.sql
+++ b/src/database/upgrade/1.1_to_2.0/wildfire_hsqldb.sql
-// $RCSfile$
 // $Revision: 395 $
 // $Date: 2004-11-13 16:57:13 -0300 (Sat, 13 Nov 2004) $
-// upgrades from Wildfire 1.1.x to 2.0.x
 // jiveUser: Adds new column "username". Removes "nameVisible" & "emailVisible". Changes primary key
 ALTER TABLE jiveUser ADD COLUMN username VARCHAR(32) NOT NULL;
 ALTER TABLE jiveUser DROP COLUMN nameVisible;

--- a/src/database/upgrade/1.1_to_2.0/wildfire_mysql.sql
+++ b/src/database/upgrade/1.1_to_2.0/wildfire_mysql.sql
-# $RCSfile$
 # $Revision: 395 $
 # $Date: 2004-11-13 16:57:13 -0300 (Sat, 13 Nov 2004) $
-# upgrades from Wildfire 1.1.x to 2.0.x
 # jiveUser: Adds new column "username". Removes "nameVisible" & "emailVisible". Changes primary key
 ALTER TABLE jiveUser ADD COLUMN username VARCHAR(32) NOT NULL;
 ALTER TABLE jiveUser DROP COLUMN nameVisible;

--- a/src/database/upgrade/1.1_to_2.0/wildfire_oracle.sql
+++ b/src/database/upgrade/1.1_to_2.0/wildfire_oracle.sql
-REM // $RCSfile$
 REM // $Revision: 784 $
 REM // $Date: 2005-01-04 12:47:23 -0300 (Tue, 04 Jan 2005) $
-REM // upgrades from Wildfire 1.1.x to 2.0.x
 REM // jiveUser: Adds new column "username". Removes "nameVisible" & "emailVisible". Changes primary key
 ALTER TABLE jiveUser ADD username VARCHAR2(32) NOT NULL;
 ALTER TABLE jiveUser DROP COLUMN nameVisible;

--- a/src/database/upgrade/1.1_to_2.0/wildfire_postgresql.sql
+++ b/src/database/upgrade/1.1_to_2.0/wildfire_postgresql.sql
-- $RCSfile$
 -- $Revision: 395 $
 -- $Date: 2004-11-13 16:57:13 -0300 (Sat, 13 Nov 2004) $
-- upgrades from Wildfire 1.1.x to 2.0.x
 -- jiveUser: Adds new column "username". Removes "nameVisible" & "emailVisible". Changes primary key
 ALTER TABLE jiveUser ADD COLUMN username VARCHAR(32) NOT NULL;
 ALTER TABLE jiveUser DROP COLUMN nameVisible;

--- a/src/database/upgrade/1.1_to_2.0/wildfire_sqlserver.sql
+++ b/src/database/upgrade/1.1_to_2.0/wildfire_sqlserver.sql
-/* $RCSfile$ */
 /* $Revision: 840 $                           */
 /* $Date: 2005-01-10 01:30:06 -0300 (Mon, 10 Jan 2005) $               */
-/* upgrades from Wildfire 1.1.x to 2.0.x */
 /* jiveUser: Adds new column "username". Removes "nameVisible" & "emailVisible". Changes primary key */
 ALTER TABLE jiveUser ADD COLUMN username NVARCHAR(32) NOT NULL;
 ALTER TABLE jiveUser DROP COLUMN nameVisible;

--- a/src/database/upgrade/2.0_to_2.1/wildfire_db2.sql
+++ b/src/database/upgrade/2.0_to_2.1/wildfire_db2.sql
-- $RCSfile$
 -- $Revision: 795 $
 -- $Date: 2005-01-06 07:44:42 -0300 (Thu, 06 Jan 2005) $
-- upgrades from Wildfire 2.0.x to 2.1.0
 -- jiveGroup: Recreate table from scratch
 DROP TABLE jiveGroup;
 CREATE TABLE jiveGroup (

--- a/src/database/upgrade/2.0_to_2.1/wildfire_hsqldb.sql
+++ b/src/database/upgrade/2.0_to_2.1/wildfire_hsqldb.sql
--- a/src/database/upgrade/2.0_to_2.1/wildfire_mysql.sql
+++ b/src/database/upgrade/2.0_to_2.1/wildfire_mysql.sql
--- a/src/database/upgrade/2.0_to_2.1/wildfire_oracle.sql
+++ b/src/database/upgrade/2.0_to_2.1/wildfire_oracle.sql
--- a/src/database/upgrade/2.0_to_2.1/wildfire_postgresql.sql
+++ b/src/database/upgrade/2.0_to_2.1/wildfire_postgresql.sql
--- a/src/database/upgrade/2.0_to_2.1/wildfire_sqlserver.sql
+++ b/src/database/upgrade/2.0_to_2.1/wildfire_sqlserver.sql
--- a/src/database/upgrade/2.1_to_2.2/wildfire_db2.sql
+++ b/src/database/upgrade/2.1_to_2.2/wildfire_db2.sql
-- $RCSfile$
 -- $Revision: 1650 $
 -- $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
-- upgrades from Wildfire 2.1.x to 2.2.0
 -- Update jiveVersion to JM 2.2
 UPDATE jiveVersion SET majorVersion=2, minorVersion=2;

--- a/src/database/upgrade/2.1_to_2.2/wildfire_hsqldb.sql
+++ b/src/database/upgrade/2.1_to_2.2/wildfire_hsqldb.sql
-// $RCSfile$
 // $Revision: 1650 $
 // $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
-// upgrades from Wildfire 2.1.x to 2.2.0
 // Update jiveVersion to JM 2.2
 UPDATE jiveVersion SET majorVersion=2, minorVersion=2;

--- a/src/database/upgrade/2.1_to_2.2/wildfire_mysql.sql
+++ b/src/database/upgrade/2.1_to_2.2/wildfire_mysql.sql
-# $RCSfile$
 # $Revision: 1650 $
 # $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
-# upgrades from Wildfire 2.1.x to 2.2.0
 # Update jiveVersion to JM 2.2
 UPDATE jiveVersion SET majorVersion=2, minorVersion=2;

--- a/src/database/upgrade/2.1_to_2.2/wildfire_oracle.sql
+++ b/src/database/upgrade/2.1_to_2.2/wildfire_oracle.sql
-REM // $RCSfile$
 REM // $Revision: 1650 $
 REM // $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
-REM // upgrades from Wildfire 2.1.x to 2.2.0
 REM // Update jiveVersion to JM 2.2
 UPDATE jiveVersion SET majorVersion=2, minorVersion=2;

--- a/src/database/upgrade/2.1_to_2.2/wildfire_postgresql.sql
+++ b/src/database/upgrade/2.1_to_2.2/wildfire_postgresql.sql
-- $RCSfile$
 -- $Revision: 1650 $
 -- $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
-- upgrades from Wildfire 2.1.x to 2.2.0
 -- Update jiveVersion to JM 2.2
 UPDATE jiveVersion SET majorVersion=2, minorVersion=2;

--- a/src/database/upgrade/2.1_to_2.2/wildfire_sqlserver.sql
+++ b/src/database/upgrade/2.1_to_2.2/wildfire_sqlserver.sql
-/* $RCSfile$ */
 /* $Revision: 1650 $                           */
 /* $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $               */
-/* upgrades from Wildfire 2.1.x to 2.2.0 */
 /* Update jiveVersion to JM 2.2 */
 UPDATE jiveVersion SET majorVersion=2, minorVersion=2;

--- a/src/database/upgrade/2.3_to_2.4/wildfire_db2.sql
+++ b/src/database/upgrade/2.3_to_2.4/wildfire_db2.sql
-- $RCSfile$
 -- $Revision: 795 $
 -- $Date: 2005-01-06 07:44:42 -0300 (Thu, 06 Jan 2005) $
-- upgrades from Wildfire 2.2.x to 2.4.0
 -- Update jiveVersion to JM 2.4
 UPDATE jiveVersion SET majorVersion=2, minorVersion=4;

--- a/src/database/upgrade/2.3_to_2.4/wildfire_hsqldb.sql
+++ b/src/database/upgrade/2.3_to_2.4/wildfire_hsqldb.sql
-// $RCSfile$
 // $Revision: 795 $
 // $Date: 2005-01-06 07:44:42 -0300 (Thu, 06 Jan 2005) $
-// upgrades from Wildfire 2.2.x to 2.4.0
 // Update jiveVersion to JM 2.4
 UPDATE jiveVersion SET majorVersion=2, minorVersion=4;

--- a/src/database/upgrade/2.3_to_2.4/wildfire_mysql.sql
+++ b/src/database/upgrade/2.3_to_2.4/wildfire_mysql.sql
-# $RCSfile$
 # $Revision: 1650 $
 # $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
-# upgrades from Wildfire 2.2.x to 2.4.0
 # Update jiveVersion to JM 2.4
 UPDATE jiveVersion SET majorVersion=2, minorVersion=4;

--- a/src/database/upgrade/2.3_to_2.4/wildfire_oracle.sql
+++ b/src/database/upgrade/2.3_to_2.4/wildfire_oracle.sql
-REM // $RCSfile$
 REM // $Revision: 795 $
 REM // $Date: 2005-01-06 07:44:42 -0300 (Thu, 06 Jan 2005) $
-REM // upgrades from Wildfire 2.2.x to 2.4.0
 REM // Update jiveVersion to JM 2.4
 UPDATE jiveVersion SET majorVersion=2, minorVersion=4;

--- a/src/database/upgrade/2.3_to_2.4/wildfire_postgresql.sql
+++ b/src/database/upgrade/2.3_to_2.4/wildfire_postgresql.sql
-- $RCSfile$
 -- $Revision: 795 $
 -- $Date: 2005-01-06 07:44:42 -0300 (Thu, 06 Jan 2005) $
-- upgrades from Wildfire 2.2.x to 2.4.0
 -- Update jiveVersion to JM 2.4
 UPDATE jiveVersion SET majorVersion=2, minorVersion=4;

--- a/src/database/upgrade/2.3_to_2.4/wildfire_sqlserver.sql
+++ b/src/database/upgrade/2.3_to_2.4/wildfire_sqlserver.sql
-/* $RCSfile$ */
 /* $Revision: 840 $                           */
 /* $Date: 2005-01-10 01:30:06 -0300 (Mon, 10 Jan 2005) $               */
-/* upgrades from Wildfire 2.2.x to 2.4.0 */
 /* Update jiveVersion to JM 2.4 */
 UPDATE jiveVersion SET majorVersion=2, minorVersion=4;

--- a/src/database/upgrade/2.3_to_2.4/wildfire_sybase.sql
+++ b/src/database/upgrade/2.3_to_2.4/wildfire_sybase.sql
-/* $RCSfile$ */
 /* $Revision: 840 $                           */
 /* $Date: 2005-01-10 01:30:06 -0300 (Mon, 10 Jan 2005) $               */
-/* upgrades from Wildfire 2.2.x to 2.4.0 */
 /* Update jiveVersion to JM 2.4 */
 UPDATE jiveVersion SET majorVersion=2, minorVersion=4;

--- a/src/database/upgrade/2.4_to_2.5/wildfire_db2.sql
+++ b/src/database/upgrade/2.4_to_2.5/wildfire_db2.sql
-- $RCSfile$
 -- $Revision:  $
 -- $Date:  $
-- upgrades from Wildfire 2.4.x to 2.5.0
 -- Update jiveVersion to Wildfire 2.5
 UPDATE jiveVersion SET majorVersion=2, minorVersion=5;

--- a/src/database/upgrade/2.4_to_2.5/wildfire_hsqldb.sql
+++ b/src/database/upgrade/2.4_to_2.5/wildfire_hsqldb.sql
-// $RCSfile$
 // $Revision:  $
 // $Date:  $
-// upgrades from Wildfire 2.4.x to 2.5.0
 // Update jiveVersion to Wildfire 2.5
 UPDATE jiveVersion SET majorVersion=2, minorVersion=5;

--- a/src/database/upgrade/2.4_to_2.5/wildfire_mysql.sql
+++ b/src/database/upgrade/2.4_to_2.5/wildfire_mysql.sql
-# $RCSfile$
 # $Revision:  $
 # $Date:  $
-# upgrades from Wildfire 2.4.x to 2.5.0
 # Update jiveVersion to Wildfire 2.5
 UPDATE jiveVersion SET majorVersion=2, minorVersion=5;

--- a/src/database/upgrade/2.4_to_2.5/wildfire_oracle.sql
+++ b/src/database/upgrade/2.4_to_2.5/wildfire_oracle.sql
-REM // $RCSfile$
 REM // $Revision:  $
 REM // $Date:  $
-REM // upgrades from Wildfire 2.4.x to 2.5.0
 REM // Update jiveVersion to Wildfire 2.5
 UPDATE jiveVersion SET majorVersion=2, minorVersion=5;

--- a/src/database/upgrade/2.4_to_2.5/wildfire_postgresql.sql
+++ b/src/database/upgrade/2.4_to_2.5/wildfire_postgresql.sql
-- $RCSfile$
 -- $Revision:  $
 -- $Date:  $
-- upgrades from Wildfire 2.4.x to 2.5.0
 -- Update jiveVersion to Wildfire 2.5
 UPDATE jiveVersion SET majorVersion=2, minorVersion=5;

--- a/src/database/upgrade/2.4_to_2.5/wildfire_sqlserver.sql
+++ b/src/database/upgrade/2.4_to_2.5/wildfire_sqlserver.sql
-/* $RCSfile$ */
 /* $Revision:  $                           */
 /* $Date:  $               */
-/* upgrades from Wildfire 2.4.x to 2.5.0 */
 /* Update jiveVersion to Wildfire 2.5 */
 UPDATE jiveVersion SET majorVersion=2, minorVersion=5;

--- a/src/database/upgrade/2.4_to_2.5/wildfire_sybase.sql
+++ b/src/database/upgrade/2.4_to_2.5/wildfire_sybase.sql
-/* $RCSfile$ */
 /* $Revision:  $ */
 /* $Date:  $ */
-/* upgrades from Wildfire 2.4.x to 2.5.0 */
 /* Update jiveVersion to Wildfire 2.5 */
 UPDATE jiveVersion SET majorVersion=2, minorVersion=5;

--- a/src/database/upgrade/2.5_to_2.6/wildfire_hsqldb.sql
+++ b/src/database/upgrade/2.5_to_2.6/wildfire_hsqldb.sql
+# $Revision:  $
+# $Date:  $
+# Update the jiveVersion table to new definition.
+DROP TABLE jiveVersion;
+CREATE TABLE jiveVersion (
+  name  varchar(50)  NOT NULL,
+  version  INTEGER  NOT NULL,
+  CONSTRAINT jiveVersion_pk PRIMARY KEY (name)
+);
+INSERT INTO jiveVersion (name, version) VALUES ("wildfire", 6);
+# Make password column accept null, add encrypted password column.
+ALTER TABLE jiveUser ALTER COLUMN password NULL;
+ALTER TABLE jiveUser ADD COLUMN encryptedPassword VARCHAR(255) BEFORE name;
\ No newline at end of file
--- a/src/database/upgrade/2.5_to_2.6/wildfire_mysql.sql
+++ b/src/database/upgrade/2.5_to_2.6/wildfire_mysql.sql
+# $Revision:  $
+# $Date:  $
+# Update the jiveVersion table to new definition.
+DROP TABLE jiveVersion;
+CREATE TABLE jiveVersion (
+  name     VARCHAR(50)  NOT NULL,
+  version  INTEGER  NOT NULL,
+  PRIMARY KEY (name)
+);
+INSERT INTO jiveVersion (name, version) VALUES ("wildfire", 6);
+# Make password column accept null, add encrypted password column.
+ALTER TABLE jiveUser MODIFY password VARCHAR(32) NULL;
+ALTER TABLE jiveUser ADD COLUMN encryptedPassword VARCHAR(255) NULL AFTER password;
\ No newline at end of file
--- a/src/database/wildfire_db2.sql
+++ b/src/database/wildfire_db2.sql
--   $RCSfile$   
 --   $Revision: 1650 $
 --   $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
 CREATE TABLE jiveUser (
  username              VARCHAR(32)     NOT NULL,
-  password              VARCHAR(32)     NOT NULL,
+  password              VARCHAR(32),
+  encryptedPassword     VARCHAR(255),
  name                  VARCHAR(100),
  email                 VARCHAR(100),
  creationDate          CHAR(15)        NOT NULL,
@@ -108,8 +108,9 @@ CREATE TABLE jiveProperty (
 CREATE TABLE jiveVersion (
-  majorVersion  INTEGER  NOT NULL,
+  name     VARCHAR(50)  NOT NULL,
-  minorVersion  INTEGER  NOT NULL
+  version  INTEGER  NOT NULL,
+  CONSTRAINT jiveVersion_pk PRIMARY KEY (name)
 );
 CREATE TABLE jiveExtComponentConf (
@@ -207,7 +208,7 @@ INSERT INTO jiveID (idType, id) VALUES (18, 1);
 INSERT INTO jiveID (idType, id) VALUES (19, 1);
 INSERT INTO jiveID (idType, id) VALUES (23, 1);
-INSERT INTO jiveVersion (majorVersion, minorVersion) VALUES (2, 5);
+INSERT INTO jiveVersion (name, version) VALUES ("wildfire", 6);
 -- Entry for admin user
 INSERT INTO jiveUser (username, password, name, email, creationDate, modificationDate)

--- a/src/database/wildfire_hsqldb.sql
+++ b/src/database/wildfire_hsqldb.sql
-// $RCSfile$
 // $Revision: 1650 $
 // $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
 CREATE TABLE jiveUser (
  username              VARCHAR(32)     NOT NULL,
-  password              VARCHAR(32)     NOT NULL,
+  password              VARCHAR(32),
+  encryptedPassword     VARCHAR(255),
  name                  VARCHAR(100),
  email                 VARCHAR(100),
  creationDate          VARCHAR(15)     NOT NULL,
@@ -108,8 +108,9 @@ CREATE TABLE jiveProperty (
 CREATE TABLE jiveVersion (
-  majorVersion  INTEGER  NOT NULL,
+  name  varchar(50)  NOT NULL,
-  minorVersion  INTEGER  NOT NULL
+  version  INTEGER  NOT NULL,
+  CONSTRAINT jiveVersion_pk PRIMARY KEY (name)
 );
 CREATE TABLE jiveExtComponentConf (
@@ -207,7 +208,7 @@ INSERT INTO jiveID (idType, id) VALUES (18, 1);
 INSERT INTO jiveID (idType, id) VALUES (19, 1);
 INSERT INTO jiveID (idType, id) VALUES (23, 1);
-INSERT INTO jiveVersion (majorVersion, minorVersion) VALUES (2, 5);
+INSERT INTO jiveVersion (name, minorVersion) VALUES ("wildfire", 6);
 // Entry for admin user
 INSERT INTO jiveUser (username, password, name, email, creationDate, modificationDate)

--- a/src/database/wildfire_mysql.sql
+++ b/src/database/wildfire_mysql.sql
-# $RCSfile$
 # $Revision: 1650 $
 # $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
 CREATE TABLE jiveUser (
  username              VARCHAR(32)     NOT NULL,
-  password              VARCHAR(32)     NOT NULL,
+  password              VARCHAR(32),
+  encryptedPassword     VARCHAR(255),
  name                  VARCHAR(100),
  email                 VARCHAR(100),
  creationDate          CHAR(15)        NOT NULL,
@@ -97,8 +97,9 @@ CREATE TABLE jiveProperty (
 CREATE TABLE jiveVersion (
-  majorVersion  INTEGER  NOT NULL,
+  name     VARCHAR(50)  NOT NULL,
-  minorVersion  INTEGER  NOT NULL
+  version  INTEGER  NOT NULL,
+  PRIMARY KEY (name)
 );
 CREATE TABLE jiveExtComponentConf (
@@ -195,7 +196,7 @@ INSERT INTO jiveID (idType, id) VALUES (18, 1);
 INSERT INTO jiveID (idType, id) VALUES (19, 1);
 INSERT INTO jiveID (idType, id) VALUES (23, 1);
-INSERT INTO jiveVersion (majorVersion, minorVersion) VALUES (2, 5);
+INSERT INTO jiveVersion (name, version) VALUES ("wildfire", 6);
 # Entry for admin user
 INSERT INTO jiveUser (username, password, name, email, creationDate, modificationDate)

--- a/src/database/wildfire_oracle.sql
+++ b/src/database/wildfire_oracle.sql
-REM // $RCSfile$
 REM // $Revision: 1650 $
 REM // $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
 CREATE TABLE jiveUser (
  username              VARCHAR2(32)     NOT NULL,
-  password              VARCHAR2(32)    NOT NULL,
+  password              VARCHAR2(32),
+  encryptedPassword     VARCHAR2(255),
  name                  VARCHAR2(100),
  email                 VARCHAR2(100),
  creationDate          CHAR(15)        NOT NULL,
@@ -103,8 +103,9 @@ CREATE TABLE jiveProperty (
 );
 CREATE TABLE jiveVersion (
-  majorVersion  INTEGER  NOT NULL,
+  name     VARCHAR2(50)  NOT NULL,
-  minorVersion  INTEGER  NOT NULL
+  version  INTEGER  NOT NULL,
+  CONSTRAINT jiveVersion_pk PRIMARY KEY (name)
 );
 CREATE TABLE jiveExtComponentConf (
@@ -201,7 +202,7 @@ INSERT INTO jiveID (idType, id) VALUES (18, 1);
 INSERT INTO jiveID (idType, id) VALUES (19, 1);
 INSERT INTO jiveID (idType, id) VALUES (23, 1);
-INSERT INTO jiveVersion (majorVersion, minorVersion) VALUES (2, 5);
+INSERT INTO jiveVersion (name, version) VALUES ("wildfire", 6);
 REM // Entry for admin user
 INSERT INTO jiveUser (username, password, name, email, creationDate, modificationDate)

--- a/src/database/wildfire_postgresql.sql
+++ b/src/database/wildfire_postgresql.sql
-- $RCSfile$
 -- $Revision: 1650 $
 -- $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $
@@ -6,7 +5,8 @@
 CREATE TABLE jiveUser (
  username              VARCHAR(32)     NOT NULL,
-  password              VARCHAR(32)     NOT NULL,
+  password              VARCHAR(32),
+  encryptedPassword     VARCHAR(255),
  name                  VARCHAR(100),
  email                 VARCHAR(100),
  creationDate          CHAR(15)        NOT NULL,
@@ -111,8 +111,9 @@ CREATE TABLE jiveProperty (
 CREATE TABLE jiveVersion (
-  majorVersion  INTEGER  NOT NULL,
+  name     VARCHAR(50)  NOT NULL,
-  minorVersion  INTEGER  NOT NULL
+  version  INTEGER  NOT NULL,
+  CONSTRAINT jiveVersion_pk PRIMARY KEY (name)
 );
 CREATE TABLE jiveExtComponentConf (
@@ -210,7 +211,7 @@ INSERT INTO jiveID (idType, id) VALUES (18, 1);
 INSERT INTO jiveID (idType, id) VALUES (19, 1);
 INSERT INTO jiveID (idType, id) VALUES (23, 1);
-INSERT INTO jiveVersion (majorVersion, minorVersion) VALUES (2, 5);
+INSERT INTO jiveVersion (name, version) VALUES ("wildfire", 6);
 -- Entry for admin user
 INSERT INTO jiveUser (username, password, name, email, creationDate, modificationDate)

--- a/src/database/wildfire_sqlserver.sql
+++ b/src/database/wildfire_sqlserver.sql
-/* $RCSfile$ */
+/* $Revision: 1650 $                                       */
-/* $Revision: 1650 $                          */
+/* $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $   */
-/* $Date: 2005-07-20 00:18:17 -0300 (Wed, 20 Jul 2005) $               */
 CREATE TABLE jiveUser (
  username              NVARCHAR(32)    NOT NULL,
-  password              NVARCHAR(32)    NOT NULL,
+  password              NVARCHAR(32),
+  encryptedPassword     NVARCHAR(255),
  name                  NVARCHAR(100),
  email                 VARCHAR(100),
  creationDate          CHAR(15)        NOT NULL,
@@ -102,15 +102,16 @@ CREATE TABLE jiveID (
 CREATE TABLE jiveProperty (
-  name         NVARCHAR(100) NOT NULL,
+  name        NVARCHAR(100) NOT NULL,
  propValue   NTEXT NOT NULL,
  CONSTRAINT jiveProperty_pk PRIMARY KEY (name)
 );
 CREATE TABLE jiveVersion (
-  majorVersion  INTEGER  NOT NULL,
+  name     NVARCHAR(50) NOT NULL,
-  minorVersion  INTEGER  NOT NULL
+  version  INTEGER  NOT NULL,
+  CONSTRAINT jiveVersion_pk PRIMARY KEY (name)
 );
 CREATE TABLE jiveExtComponentConf (
@@ -208,7 +209,7 @@ INSERT INTO jiveID (idType, id) VALUES (18, 1);
 INSERT INTO jiveID (idType, id) VALUES (19, 1);
 INSERT INTO jiveID (idType, id) VALUES (23, 1);
-INSERT INTO jiveVersion (majorVersion, minorVersion) VALUES (2, 5);
+INSERT INTO jiveVersion (name, version) VALUES ("wildfire", 6);
 /* Entry for admin user */
 INSERT INTO jiveUser (username, password, name, email, creationDate, modificationDate)

--- a/src/database/wildfire_sybase.sql
+++ b/src/database/wildfire_sybase.sql
-/* $RCSfile$ */
+/* $Revision: 1650 $                                       */
-/* $Revision: 1650 $                          */
+/* $Date: 2005-07-19 20:18:17 -0700 (Tue, 19 Jul 2005) $   */
-/* $Date: 2005-07-19 20:18:17 -0700 (Tue, 19 Jul 2005) $               */
 CREATE TABLE jiveUser (
  username              NVARCHAR(32)    NOT NULL,
-  password              NVARCHAR(32)    NOT NULL,
+  password              NVARCHAR(32)    NULL,
+  encryptedPassword     NVARCHAR(255)   NULL,
  name                  NVARCHAR(100)   NULL,
  email                 VARCHAR(100)    NULL,
  creationDate          CHAR(15)        NOT NULL,
@@ -109,8 +109,9 @@ CREATE TABLE jiveProperty (
 CREATE TABLE jiveVersion (
-  majorVersion  INTEGER  NOT NULL,
+  name     NVARCHAR(50) NOT NULL,
-  minorVersion  INTEGER  NOT NULL
+  version  INTEGER  NOT NULL,
+  CONSTRAINT jiveVersion_pk PRIMARY KEY (name)
 );
 CREATE TABLE jiveExtComponentConf (
@@ -208,7 +209,7 @@ INSERT INTO jiveID (idType, id) VALUES (18, 1);
 INSERT INTO jiveID (idType, id) VALUES (19, 1);
 INSERT INTO jiveID (idType, id) VALUES (23, 1);
-INSERT INTO jiveVersion (majorVersion, minorVersion) VALUES (2, 5);
+INSERT INTO jiveVersion (name, version) VALUES ("wildfire", 6);
 /* Entry for admin user */
 INSERT INTO jiveUser (username, password, name, email, creationDate, modificationDate)

--- a/src/i18n/wildfire_i18n_cs_CZ.properties
+++ b/src/i18n/wildfire_i18n_cs_CZ.properties
@@ -1502,3 +1502,10 @@ system.cache.desc.effectiveness=* Effectiveness measures how well your cache is
 system.cache.total=Total:
 system.cache.clear-selected=Clear Selected
+# Upgrade process
+upgrade.database.old_schema=Found old database version. Upgrading...
+upgrade.database.unknown_db=Warning: database type unknown. You must manually upgrade your database.
+upgrade.database.interbase_db=Warning: automatic upgrades of Interbase are not supported. You \
+    must manually upgrade your database.
+upgrade.database.success=Database upgraded successfully.
+upgrade.database.failure=Database upgrade failed. Please manually upgrade your database.
\ No newline at end of file
--- a/src/i18n/wildfire_i18n_de.properties
+++ b/src/i18n/wildfire_i18n_de.properties
@@ -871,14 +871,14 @@ server2server.settings.never_close=Inaktive Verbindungen nie schliessen.
 server2server.settings.close_session=Verbindungen schliessen nachdem sie inaktiv waren f\u00fcr folgende Anzahl an Minuten
 server2server.settings.allowed=Verbindung erlauben
 server2server.settings.anyone=Jedem
-server2server.settings.anyone_info=Jeder entfernte Server darf sich mit diesem Server verbinden. \ 
+server2server.settings.anyone_info=Jeder entfernte Server darf sich mit diesem Server verbinden. \
-	Die Tabelle unten benutzen um diese Einstellungen anzupassen.
+  Die Tabelle unten benutzen um diese Einstellungen anzupassen.
 server2server.settings.whitelist=Erlauben-Liste
-server2server.settings.whitelist_info=Nur bestimmte Server haben die Erlaubnis sich mit diesem Server zu verbinden. \ 
+server2server.settings.whitelist_info=Nur bestimmte Server haben die Erlaubnis sich mit diesem \
-	Die Tabelle unten benutzen um die Server zu definieren.
+  Server zu verbinden. Die Tabelle unten benutzen um die Server zu definieren.
 server2server.settings.disallowed=Keine Erlaubnis zu verbinden
-server2server.settings.disallowed.info=Die Server in der folgenden Liste haben keine Erlaubnis \ 
+server2server.settings.disallowed.info=Die Server in der folgenden Liste haben keine Erlaubnis  \
-	sich mit diesem Server zu verbinden. Das Formular unten benutzen um weitere Server zu blocken.
+  sich mit diesem Server zu verbinden. Das Formular unten benutzen um weitere Server zu blocken.
 server2server.settings.domain=Domain
 server2server.settings.remotePort=Port des entfernten Servers
 server2server.settings.empty_list=Keine entfernte Server
@@ -1500,3 +1500,9 @@ system.cache.desc.effectiveness=* Effectiveness measures how well your cache is
 system.cache.total=Total:
 system.cache.clear-selected=Clear Selected
+database.upgrade.old_schema=Found old database version. Upgrading...
+database.upgrade.unknown_db=Warning: database type unknown. You must manually upgrade your database.
+database.upgrade.interbase_db=Warning: automatic upgrades of Interbase are not supported. You \
+    must manually upgrade your database.
+upgrade.database.success=Database upgraded successfully.
+upgrade.database.failure=Database upgrade failed. Please manually upgrade your database.
\ No newline at end of file
--- a/src/i18n/wildfire_i18n_en.properties
+++ b/src/i18n/wildfire_i18n_en.properties
@@ -31,109 +31,6 @@
 ##
 ## REVISION HISTORY (by Wildfire version):
 ##
-##   2.2.0 Beta 1
-##       Added key: 'global.click_edit'
-##       Added key: 'global.click_delete'
-##       Added key: 'global.delete'
-##       Added key: 'global.minutes'
-##       Added key: 'global.none'
-##       Added key: 'global.pages'
-##       Added key: 'global.refresh'
-##       Added key: 'global.seconds'
-##       Added key: 'global.showing'
-##       Added key: 'server.props.component_port'
-##       Added key: 'server.props.server_port'
-##       Added key: 'server.props.update.norestart'
-##       Added key: 'sidebar.client-session'
-##       Added key: 'sidebar.component-session'
-##       Added key: 'sidebar.component-session-summary'
-##       Added key: 'sidebar.component-session-summary.descr'
-##       Added key: 'sidebar.external-components-settings'
-##       Added key: 'sidebar.external-components-settings.descr'
-##       Added key: 'sidebar.server-session'
-##       Added key: 'sidebar.server-session-summary'
-##       Added key: 'sidebar.server-session-summary.descr'
-##       Added key: 'sidebar.server2server-settings'
-##       Added key: 'sidebar.server2server-settings.descr'
-##       Added key: 'startup.component'
-##       Added key: 'startup.server'
-##       Added sections: 'component.session.summary.*' and 'component.session.details.*'
-##       Added sections: 'server.session.summary.*' and 'server.session.details.*'
-##       Added sections: 'server2server.settings.*' and 'component.settings.*'
-##       Modified key: 'server.props.port'
-##       Modified key: 'server.props.ssl_port'
-##       Modified key: 'sidebar.session-summary'
-##       Modified key: 'plugin.admin.info'
-##       Removed key: 'group.summary.click_edit'
-##       Removed key: 'group.summary.click_delete'
-##       Removed key: 'group.summary.page_delete'
-##       Removed key: 'group.summary.page'
-##       Removed key: 'group.summary.showing'
-##       Removed key: 'logviewer.none'
-##       Removed key: 'logviewer.refresh'
-##       Removed key: 'logviewer.seconds'
-##       Removed key: 'muc.room.affiliations.click_delete'
-##       Removed key: 'muc.room.affiliations.delete'
-##       Removed key: 'muc.room.summary.click_edit'
-##       Removed key: 'muc.room.summary.click_delete'
-##       Removed key: 'muc.room.summary.page'
-##       Removed key: 'muc.room.summary.showing'
-##       Removed key: 'muc.tasks.minutes'
-##       Removed key: 'plugin.admin.click_edit'
-##       Removed key: 'plugin.admin.click_delete'
-##       Removed key: 'plugin.admin.delete'
-##       Removed key: 'session.summary.page'
-##       Removed key: 'session.summary.showing'
-##       Removed key: 'server.properties.delete'
-##       Removed key: 'user.summary.click_edit'
-##       Removed key: 'user.summary.click_delete'
-##       Removed key: 'user.summary.delete'
-##       Removed key: 'user.summary.pages'
-##       Removed key: 'user.summary.showing'
-##
-##   2.2.0 Beta 2
-##       Added key: 'muc.form.conf.owner_reservednick'
-##       Added key: 'muc.form.conf.owner_canchangenick'
-##       Added key: 'muc.form.conf.owner_registration'
-##       Added key: 'muc.room.edit.form.reservednick'
-##       Added key: 'muc.room.edit.form.canchangenick'
-##       Added key: 'muc.room.edit.form.registration'
-##       Added key: 'audit.policy.log_directory'
-##       Added key: 'audit.policy.valid_log_directory'
-##       Added key: 'audit.policy.ignore'
-##       Added key: 'audit.policy.validignore'
-##       Added key: 'global.done'
-##       Added key: 'reg.settings.change_password'
-##       Added key: 'reg.settings.change_password_info'
-##       Added key: 'reg.settings.can_change'
-##       Added key: 'reg.settings.cannot_change'
-##       Added key: 'reg.settings.allowed_ips'
-##       Added key: 'reg.settings.allowed_ips_info'
-##       Added section: 'user.browser.*'
-##       Added section: 'setup.env.check.*'
-##       Modified key: 'server2server.settings.title'
-##       Modified key: 'server2server.settings.info'
-##       Modified key: 'server2server.settings.label_enable_info'
-##       Modified key: 'server2server.settings.whitelist'
-##       Modified key: 'server2server.settings.remotePort'
-##       Modified key: 'component.settings.info'
-##       Modified key: 'server.session.summary.info'
-##       Removed key: 'server2server.settings.port'
-##
-##  2.2.0 Release Candidate
-##      Added key: 'sidebar.active-sessions'
-##      Modified key: 'sidebar.session-summary'
-##      Modified key: 'sidebar.server-session-summary'
-##      Modified key: 'sidebar.component-session-summary'
-##      Modified key: 'server.session.summary.title'
-##      Modified key: 'component.settings.title'
-##      Modified key: 'component.session.summary.title'
-##      Modified key: 'component.session.summary.info'
-##      Modified key: 'component.session.details.title'
-##      Removed key: 'sidebar.client-session'
-##      Removed key: 'sidebar.server-session'
-##      Removed key: 'sidebar.component-session'
-##
 ##  2.2.1
 ##      Modified key: 'server2server.settings.label_disable_info'
 ##      Modified key: 'server2server.settings.label_enable_info'
@@ -259,6 +156,7 @@
 ##      Added key: 'sidebar.system-cache.descr'
 ##      Added key: 'startup.starting.pubsub'
 ##      Added section: 'system.cache.*'
+##      Added section 'upgrade.database.*'
 # Wildfire
@@ -1755,3 +1653,11 @@ system.cache.desc.effectiveness=* Effectiveness measures how well your cache is
    may be the case are specially flagged.
 system.cache.total=Total:
 system.cache.clear-selected=Clear Selected
+# Upgrade process
+upgrade.database.old_schema=Found old database version. Upgrading...
+upgrade.database.unknown_db=Warning: database type unknown. You must manually upgrade your database.
+upgrade.database.interbase_db=Warning: automatic upgrades of Interbase are not supported. You \
+    must manually upgrade your database.
+upgrade.database.success=Database upgraded successfully.
+upgrade.database.failure=Database upgrade failed. Please manually upgrade your database.
\ No newline at end of file
--- a/src/i18n/wildfire_i18n_es.properties
+++ b/src/i18n/wildfire_i18n_es.properties
@@ -1373,4 +1373,12 @@ system.cache.desc.effectiveness=* La efectividad mide lo bien que esta funcionan
    efectividad es baja, usualmente significa que su cache es peque\u00f1o. Caches que se hayan en \
    esa situaci\u00f3n ser\u00e1n especialmente marcados.
 system.cache.total=Total:
 system.cache.clear-selected=Limpiar Seleccionados
\ No newline at end of file
+# Upgrade process
+upgrade.database.old_schema=Found old database version. Upgrading...
+upgrade.database.unknown_db=Warning: database type unknown. You must manually upgrade your database.
+upgrade.database.interbase_db=Warning: automatic upgrades of Interbase are not supported. You \
+    must manually upgrade your database.
+upgrade.database.success=Database upgraded successfully.
+upgrade.database.failure=Database upgrade failed. Please manually upgrade your database.
\ No newline at end of file
--- a/src/i18n/wildfire_i18n_fr.properties
+++ b/src/i18n/wildfire_i18n_fr.properties
@@ -1615,3 +1615,10 @@ system.cache.desc.effectiveness=* Effectiveness measures how well your cache is
 system.cache.total=Total:
 system.cache.clear-selected=Clear Selected
+# Upgrade process
+upgrade.database.old_schema=Found old database version. Upgrading...
+upgrade.database.unknown_db=Warning: database type unknown. You must manually upgrade your database.
+upgrade.database.interbase_db=Warning: automatic upgrades of Interbase are not supported. You \
+    must manually upgrade your database.
+upgrade.database.success=Database upgraded successfully.
+upgrade.database.failure=Database upgrade failed. Please manually upgrade your database.
\ No newline at end of file
--- a/src/i18n/wildfire_i18n_nl.properties
+++ b/src/i18n/wildfire_i18n_nl.properties
@@ -1501,3 +1501,9 @@ system.cache.desc.effectiveness=* Effectiveness measures how well your cache is
 system.cache.total=Total:
 system.cache.clear-selected=Clear Selected
+database.upgrade.old_schema=Found old database version. Upgrading...
+database.upgrade.unknown_db=Warning: database type unknown. You must manually upgrade your database.
+database.upgrade.interbase_db=Warning: automatic upgrades of Interbase are not supported. You \
+    must manually upgrade your database.
+upgrade.database.success=Database upgraded successfully.
+upgrade.database.failure=Database upgrade failed. Please manually upgrade your database.
\ No newline at end of file
--- a/src/i18n/wildfire_i18n_pl_PL.properties
+++ b/src/i18n/wildfire_i18n_pl_PL.properties
@@ -1477,3 +1477,9 @@ system.cache.desc.effectiveness=* Effectiveness measures how well your cache is
 system.cache.total=Total:
 system.cache.clear-selected=Clear Selected
+# Upgrade process
+upgrade.database.old_schema=Found old database version. Upgrading...
+upgrade.database.unknown_db=Warning: database type unknown. You must manually upgrade your database.
+upgrade.database.interbase_db=Warning: automatic upgrades of Interbase are not supported. You \
+    must manually upgrade your database.
+upgrade.database.done=Database upgraded successfully.
\ No newline at end of file
--- a/src/i18n/wildfire_i18n_pt_BR.properties
+++ b/src/i18n/wildfire_i18n_pt_BR.properties
@@ -1131,7 +1131,6 @@ setup.datasource.settings.embedded_info=Utilize um banco de dados interno, manti
 # Setup datasource standard Page
-setup.datasource.standard.title=Database Settings - Standard Connection
 setup.datasource.standard.title=Configura\u00e7\u00f5es do Banco de Dados - Conex\u00e3o Padr\u00e3o
 setup.datasource.standard.label=Predefini\u00e7\u00f5es do Driver de Banco de Dados
 setup.datasource.standard.info=Especifique um driver JDBC e as propriedades da conex\u00e3o para conectar ao seu \
@@ -1504,3 +1503,10 @@ system.cache.desc.effectiveness=* Effectiveness measures how well your cache is
 system.cache.total=Total:
 system.cache.clear-selected=Clear Selected
+# Upgrade process
+upgrade.database.old_schema=Found old database version. Upgrading...
+upgrade.database.unknown_db=Warning: database type unknown. You must manually upgrade your database.
+upgrade.database.interbase_db=Warning: automatic upgrades of Interbase are not supported. You \
+    must manually upgrade your database.
+upgrade.database.success=Database upgraded successfully.
+upgrade.database.failure=Database upgrade failed. Please manually upgrade your database.
\ No newline at end of file
--- a/src/i18n/wildfire_i18n_zh_CN.properties
+++ b/src/i18n/wildfire_i18n_zh_CN.properties
@@ -1375,8 +1375,15 @@ system.cache.desc.effectiveness=* Effectiveness measures how well your cache is
 system.cache.total=Total:
 system.cache.clear-selected=Clear Selected
-# Publish-Subscribe
+# Upgrade process
+upgrade.database.old_schema=Found old database version. Upgrading...
+upgrade.database.unknown_db=Warning: database type unknown. You must manually upgrade your database.
+upgrade.database.interbase_db=Warning: automatic upgrades of Interbase are not supported. You \
+    must manually upgrade your database.
+upgrade.database.success=Database upgraded successfully.
+upgrade.database.failure=Database upgrade failed. Please manually upgrade your database.
+# Publish-Subscribe
 startup.starting.pubsub=\u53d1\u5e03-\u8ba2\u9605\u57df\uff1a{0}
 pubsub.form.default.title=\u9ed8\u8ba4\u8282\u70b9\u914d\u7f6e
 pubsub.form.default.instruction=\u7528\u9ed8\u8ba4\u7684\u914d\u7f6e\u8bbe\u5b9a\u65b0\u521b\u5efa\u7684\u8282\u70b9\u3002
@@ -1423,4 +1430,4 @@ pubsub.form.subscription.include_body=\u9664\u4e86\u6709\u6548\u8f7d\u8377\u5916
 pubsub.form.subscription.show-values=\u5728\u7ebf\u7c7b\u578b\u5141\u8bb8\u63a5\u6536\u901a\u77e5
 pubsub.form.subscription.subscription_type=\u63a5\u6536\u901a\u77e5\u7684\u9879\u76ee\u6216\u8282\u70b9
 pubsub.form.subscription.subscription_depth=\u4ece\u6240\u6709\u7684\u8282\u70b9\u6216\u76f4\u63a5\u5b50\u8282\u70b9\u63a5\u6536\u901a\u77e5
 pubsub.form.subscription.keywords=\u5173\u5065\u5b57\u5339\u914d
\ No newline at end of file
--- a/src/java/org/jivesoftware/database/DbConnectionManager.java
+++ b/src/java/org/jivesoftware/database/DbConnectionManager.java
@@ -15,13 +15,9 @@ package org.jivesoftware.database;
 import org.jivesoftware.util.ClassUtils;
 import org.jivesoftware.util.JiveGlobals;
 import org.jivesoftware.util.Log;
+import org.jivesoftware.util.LocaleUtils;
-import java.io.BufferedReader;
+import java.io.*;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.Reader;
-import java.io.StringReader;
-import java.io.StringWriter;
 import java.sql.Connection;
 import java.sql.DatabaseMetaData;
 import java.sql.PreparedStatement;
@@ -32,7 +28,7 @@ import java.sql.Statement;
 /**
 * Central manager of database connections. All methods are static so that they
 * can be easily accessed throughout the classes in the database package.<p>
- * <p/>
+ *
 * This class also provides a set of utility methods that abstract out
 * operations that may not work on all databases such as setting the max number
 * or rows that a query should return.
@@ -42,20 +38,16 @@ import java.sql.Statement;
 */
 public class DbConnectionManager {
+    private static final String CHECK_VERSION_OLD =
+            "SELECT minorVersion FROM jiveVersion";
    private static final String CHECK_VERSION =
-            "SELECT majorVersion, minorVersion FROM jiveVersion";
+            "SELECT version FROM jiveVersion WHERE name=?";
    /**
-     * Database schema major version. The schema version corresponds to the
+     * Database schema version.
-     * product release version, but may not exactly match in the case that
-     * the product version has advanced without schema changes.
     */
-    private static final int CURRENT_MAJOR_VERSION = 2;
+    private static final int DATABASE_VERSION = 6;
-    /**
-     * Database schema minor version.
-     */
-    private static final int CURRENT_MINOR_VERSION = 5;
    private static ConnectionProvider connectionProvider;
    private static final Object providerLock = new Object();
@@ -455,9 +447,8 @@ public class DbConnectionManager {
                    upgradeDatabase(con);
                }
                catch (Exception e) {
-                    Log.error("Database upgrade failed. Please manually upgrade your database.", e);
+                    Log.error(LocaleUtils.getLocalizedString("upgrade.database.failure"), e);
-                    System.out.println("Database upgrade failed. Please manually upgrade your " +
+                    System.out.println(LocaleUtils.getLocalizedString("upgrade.database.failure"));
-                            "database.");
                }
            }
            catch (Exception e) {
@@ -805,26 +796,33 @@ public class DbConnectionManager {
     * @throws SQLException if an error occured.
     */
    private static boolean upgradeDatabase(Connection con) throws Exception {
-        int majorVersion;
+        int version = 0;
-        int minorVersion;
        PreparedStatement pstmt = null;
        try {
            pstmt = con.prepareStatement(CHECK_VERSION);
+            pstmt.setString(1, "wildfire");
            ResultSet rs = pstmt.executeQuery();
-            // If no results, assume the version is 2.0.
+            rs.next();
-            if (!rs.next()) {
+            version = rs.getInt(1);
-                majorVersion = 2;
-                minorVersion = 0;
-            }
-            majorVersion = rs.getInt(1);
-            minorVersion = rs.getInt(2);
            rs.close();
        }
        catch (SQLException sqle) {
-            // If the table doesn't exist, an error will be thrown. Therefore
+            // Releases of Wildfire before 2.6.0 stored a major and minor version
-            // assume the version is 2.0.
+            // number so the normal check for version can fail. Check for the
-            majorVersion = 2;
+            // version using the old format in that case.
-            minorVersion = 0;
+            try {
+                if (pstmt != null) {
+                    pstmt.close();
+                }
+                pstmt = con.prepareStatement(CHECK_VERSION_OLD);
+                ResultSet rs = pstmt.executeQuery();
+                rs.next();
+                version = rs.getInt(1);
+                rs.close();
+            }
+            catch (SQLException sqle2) {
+                // Must be database version 0.
+            }
        }
        finally {
            try {
@@ -836,44 +834,34 @@ public class DbConnectionManager {
                Log.error(e);
            }
        }
-        if (majorVersion == CURRENT_MAJOR_VERSION && minorVersion == CURRENT_MINOR_VERSION) {
+        if (version == DATABASE_VERSION) {
            return false;
        }
        // The database is an old version that needs to be upgraded.
-        Log.info("Found old database schema (" + majorVersion + "." + minorVersion + "). " +
+        Log.info(LocaleUtils.getLocalizedString("upgrade.database.old_schema"));
-                "Upgrading to latest schema.");
+        System.out.println(LocaleUtils.getLocalizedString("upgrade.database.old_schema"));
-        System.out.println("Found old database schema (" + majorVersion + "." +
-                minorVersion + "). " + "Upgrading to latest schema.");
        if (databaseType == DatabaseType.unknown) {
-            Log.info("Warning: database type unknown. You must manually upgrade your database.");
+            Log.info(LocaleUtils.getLocalizedString("upgrade.database.unknown_db"));
-            System.out.println("Warning: database type unknown. You must manually upgrade your " +
+            System.out.println(LocaleUtils.getLocalizedString("upgrade.database.unknown_db"));
-                    "database.");
            return false;
        }
        else if (databaseType == DatabaseType.interbase) {
-            Log.info("Warning: automatic upgrades of Interbase are not supported. You " +
+            Log.info(LocaleUtils.getLocalizedString("upgrade.database.interbase_db"));
-                    "must manually upgrade your database.");
+            System.out.println(LocaleUtils.getLocalizedString("upgrade.database.interbase_db"));
-            System.out.println("Warning: automatic upgrades of Interbase are not supported. You " +
-                    "must manually upgrade your database.");
            return false;
        }
        // Run all upgrade scripts until we're up to the latest schema.
-        for (int i = minorVersion; i < CURRENT_MINOR_VERSION; i++) {
+        for (int i = version+1; i <= DATABASE_VERSION; i++) {
            BufferedReader in = null;
            Statement stmt;
            try {
-                // Resource will be like "/database/upgrade/2.0_to_2.1/wildfire_hsqldb.sql"
+                // Resource will be like "/database/upgrade/6/wildfire_hsqldb.sql"
-                String resourceName = "/database/upgrade/" + CURRENT_MAJOR_VERSION + "." + i +
+                String resourceName = "/database/upgrade/" + i + "/wildfire_" +
-                        "_to_" + CURRENT_MAJOR_VERSION + "." + (i + 1) + "/wildfire_" +
                        databaseType + ".sql";
                InputStream resource = DbConnectionManager.class.getResourceAsStream(resourceName);
                if (resource == null) {
-                    Log.info("Warning: Make sure that database was not modified for release: " +
+                    // If the resource is null, the specific upgrade number is not available.
-                            CURRENT_MAJOR_VERSION + "." + (i + 1) + ". Upgrade script not found: " +
-                            resourceName);
-                    System.out.println("Warning: Make sure that database was not modified for " +
-                            "release: " + CURRENT_MAJOR_VERSION + "." + (i + 1) +
-                            ". Upgrade script not found: " + resourceName);
                    continue;
                }
                in = new BufferedReader(new InputStreamReader(resource));
@@ -901,16 +889,15 @@ public class DbConnectionManager {
                        stmt.close();
                    }
                }
+                // If the version is greater than 6, automatically update the version information.
+                // Previous to version 6, the upgrade scripts set the version themselves.
+                if (version > 6) {
+                    stmt = con.createStatement();
+                    stmt.execute("UPDATE jiveVersion SET version=" + i + " WHERE name='wildfire'");
+                    stmt.close();
+                }
            }
            finally {
-                try {
-                    if (pstmt != null) {
-                        pstmt.close();
-                    }
-                }
-                catch (Exception e) {
-                    Log.error(e);
-                }
                if (in != null) {
                    try {
                        in.close();
@@ -921,8 +908,8 @@ public class DbConnectionManager {
                }
            }
        }
-        Log.info("Database upgraded successfully.");
+        Log.info(LocaleUtils.getLocalizedString("upgrade.database.success"));
-        System.out.println("Database upgraded successfully.");
+        System.out.println(LocaleUtils.getLocalizedString("upgrade.database.success"));
        return true;
    }

--- a/src/java/org/jivesoftware/util/Blowfish.java
+++ b/src/java/org/jivesoftware/util/Blowfish.java
--- a/src/java/org/jivesoftware/wildfire/XMPPServer.java
+++ b/src/java/org/jivesoftware/wildfire/XMPPServer.java
@@ -254,7 +254,7 @@ public class XMPPServer {
        name = JiveGlobals.getProperty("xmpp.domain", "127.0.0.1").toLowerCase();
-        version = new Version(2, 5, 1, Version.ReleaseStatus.Release, -1);
+        version = new Version(2, 6, 0, Version.ReleaseStatus.Beta, -1);
        if ("true".equals(JiveGlobals.getXMLProperty("setup"))) {
            setupMode = false;
        }
@@ -502,8 +502,8 @@ public class XMPPServer {
            if (isRestartable()) {
                try {
                    Class wrapperClass = Class.forName(WRAPPER_CLASSNAME);
-                    Method stopMethod = wrapperClass.getMethod("stop", new Class[]{Integer.TYPE});
+                    Method stopMethod = wrapperClass.getMethod("stop", Integer.TYPE);
-                    stopMethod.invoke(null, new Object[]{0});
+                    stopMethod.invoke(null, 0);
                }
                catch (Exception e) {
                    Log.error("Could not stop container", e);
@@ -530,7 +530,7 @@ public class XMPPServer {
    }
    public boolean isRestartable() {
-        boolean restartable = false;
+        boolean restartable;
        try {
            restartable = Class.forName(WRAPPER_CLASSNAME) != null;
        }
@@ -548,7 +548,7 @@ public class XMPPServer {
     * @return true if the server is running in standalone mode.
     */
    public boolean isStandAlone() {
-        boolean standalone = false;
+        boolean standalone;
        try {
            standalone = Class.forName(STARTER_CLASSNAME) != null;
        }
@@ -595,7 +595,7 @@ public class XMPPServer {
     * We do the verification by checking for the Wildfire config file in
     * the config dir of jiveHome.
     *
-     * @param homeGuess      a guess at the path to the home directory.
+     * @param homeGuess a guess at the path to the home directory.
     * @param jiveConfigName the name of the config file to check.
     * @return a file pointing to the home directory or null if the
     *         home directory guess was wrong.
@@ -603,22 +603,18 @@ public class XMPPServer {
     *                                       directory provided
     */
    private File verifyHome(String homeGuess, String jiveConfigName) throws FileNotFoundException {
-        File realHome = null;
+        File wildfireHome = new File(homeGuess);
-        File guess = new File(homeGuess);
+        File configFile = new File(wildfireHome, jiveConfigName);
-        File configFileGuess = new File(guess, jiveConfigName);
+        if (!configFile.exists()) {
-        if (configFileGuess.exists()) {
-            realHome = guess;
-        }
-        File wildfireHome = new File(guess, jiveConfigName);
-        if (!wildfireHome.exists()) {
            throw new FileNotFoundException();
        }
+        else {
-        try {
+            try {
-            return new File(realHome.getCanonicalPath());
+                return new File(wildfireHome.getCanonicalPath());
-        }
+            }
-        catch (Exception ex) {
+            catch (Exception ex) {
-            throw new FileNotFoundException();
+                throw new FileNotFoundException();
+            }
        }
    }

--- a/src/java/org/jivesoftware/wildfire/auth/DefaultAuthProvider.java
+++ b/src/java/org/jivesoftware/wildfire/auth/DefaultAuthProvider.java
@@ -11,13 +11,8 @@
 package org.jivesoftware.wildfire.auth;
-import org.jivesoftware.database.DbConnectionManager;
+import org.jivesoftware.wildfire.user.UserNotFoundException;
-import org.jivesoftware.util.Log;
+import org.jivesoftware.wildfire.user.DefaultUserProvider;
-import java.sql.Connection;
-import java.sql.PreparedStatement;
-import java.sql.ResultSet;
-import java.sql.SQLException;
 /**
 * Default AuthProvider implementation. It authenticates against the <tt>jiveUser</tt>
@@ -30,41 +25,33 @@ import java.sql.SQLException;
 */
 public class DefaultAuthProvider implements AuthProvider {
-    private static final String AUTHORIZE =
+    private DefaultUserProvider userProvider;
-        "SELECT username FROM jiveUser WHERE username=? AND password=?";
-    private static final String SELECT_PASSWORD =
+    /**
-        "SELECT password FROM jiveUser WHERE username=?";
+     * Constructs a new DefaultAuthProvider.
+     */
+    public DefaultAuthProvider() {
+        // Create a new default user provider since we need it to get the
+        // user's password. We always create our own user provider because
+        // we don't know what user provider is configured for the system and
+        // the contract of this class is to authenticate against the jiveUser
+        // database table.
+        userProvider = new DefaultUserProvider();
+    }
    public void authenticate(String username, String password) throws UnauthorizedException {
        if (username == null || password == null) {
            throw new UnauthorizedException();
        }
        username = username.trim().toLowerCase();
-        Connection con = null;
-        PreparedStatement pstmt = null;
        try {
-            con = DbConnectionManager.getConnection();
+            if (!password.equals(userProvider.getPassword(username))) {
-            pstmt = con.prepareStatement(AUTHORIZE);
-            pstmt.setString(1, username);
-            pstmt.setString(2, password);
-            ResultSet rs = pstmt.executeQuery();
-            // If the query has no results, the username and password
-            // did not match a user record. Therefore, throw an exception.
-            if (!rs.next()) {
                throw new UnauthorizedException();
            }
-            rs.close();
        }
-        catch (SQLException e) {
+        catch (UserNotFoundException unfe) {
-            Log.error("Exception in DbAuthProvider", e);
            throw new UnauthorizedException();
        }
-        finally {
-            try { if (pstmt != null) pstmt.close(); }
-            catch (Exception e) { Log.error(e); }
-            try { if (con != null) con.close(); }
-            catch (Exception e) { Log.error(e); }
-        }
        // Got this far, so the user must be authorized.
    }
@@ -73,37 +60,16 @@ public class DefaultAuthProvider implements AuthProvider {
            throw new UnauthorizedException();
        }
        username = username.trim().toLowerCase();
-        Connection con = null;
-        PreparedStatement pstmt = null;
        try {
-            con = DbConnectionManager.getConnection();
+            String password = userProvider.getPassword(username);
-            pstmt = con.prepareStatement(SELECT_PASSWORD);
+            String anticipatedDigest = AuthFactory.createDigest(token, password);
-            pstmt.setString(1, username);
-            ResultSet rs = pstmt.executeQuery();
-            // If the query had no results, the username and password
-            // did not match a user record. Therefore, throw an exception.
-            if (!rs.next()) {
-                throw new UnauthorizedException();
-            }
-            String pass = rs.getString(1);
-            String anticipatedDigest = AuthFactory.createDigest(token, pass);
            if (!digest.equalsIgnoreCase(anticipatedDigest)) {
                throw new UnauthorizedException();
            }
-            rs.close();
        }
-        catch (SQLException e) {
+        catch (UserNotFoundException unfe) {
-            Log.error("Exception in DbAuthProvider", e);
            throw new UnauthorizedException();
        }
-        finally {
-            try { if (pstmt != null) pstmt.close(); }
-            catch (Exception e) { Log.error(e); }
-            try { if (con != null) con.close(); }
-            catch (Exception e) { Log.error(e); }
-        }
        // Got this far, so the user must be authorized.
    }

--- a/src/java/org/jivesoftware/wildfire/user/DefaultUserProvider.java
+++ b/src/java/org/jivesoftware/wildfire/user/DefaultUserProvider.java
@@ -12,19 +12,23 @@
 package org.jivesoftware.wildfire.user;
 import org.jivesoftware.database.DbConnectionManager;
-import org.jivesoftware.util.LocaleUtils;
+import org.jivesoftware.util.*;
-import org.jivesoftware.util.Log;
-import org.jivesoftware.util.StringUtils;
 import org.jivesoftware.wildfire.vcard.VCardManager;
 import java.sql.*;
 import java.util.*;
 import java.util.Date;
 /**
 * Default implementation of the UserProvider interface, which reads and writes data
- * from the <tt>jiveUser</tt> database table.
+ * from the <tt>jiveUser</tt> database table.<p>
+ *
+ * Passwords can be stored as plain text, or encrypted using Blowfish. The
+ * encryption/decryption key is stored as the Wildfire property <tt>passwordKey</tt>,
+ * which is automatically created on first-time use. It's critical that the password key
+ * not be changed once created, or existing passwords will be lost. By default
+ * passwords will be stored encrypted. Plain-text password storage can be enabled
+ * by setting the Wildfire property <tt>user.usePlainPassword</tt> to <tt>true</tt>.
 *
 * @author Matt Tucker
 */
@@ -37,8 +41,8 @@ public class DefaultUserProvider implements UserProvider {
    private static final String ALL_USERS =
            "SELECT username FROM jiveUser";
    private static final String INSERT_USER =
-            "INSERT INTO jiveUser (username,password,name,email,creationDate,modificationDate) " +
+            "INSERT INTO jiveUser (username,password,encryptedPassword,name,email,creationDate,modificationDate) " +
-            "VALUES (?,?,?,?,?,?)";
+            "VALUES (?,?,?,?,?,?,?)";
    private static final String DELETE_USER_PROPS =
            "DELETE FROM jiveUserProp WHERE username=?";
    private static final String DELETE_USER =
@@ -52,9 +56,33 @@ public class DefaultUserProvider implements UserProvider {
    private static final String UPDATE_MODIFICATION_DATE =
            "UPDATE jiveUser SET modificationDate=? WHERE username=?";
    private static final String LOAD_PASSWORD =
-            "SELECT password FROM jiveUser WHERE username=?";
+            "SELECT password,encryptedPassword FROM jiveUser WHERE username=?";
    private static final String UPDATE_PASSWORD =
-            "UPDATE jiveUser SET password=? WHERE username=?";
+            "UPDATE jiveUser SET password=?, encryptedPassword=? WHERE username=?";
+    private static Blowfish cipher = null;
+    private static synchronized Blowfish getCipher() {
+        if (cipher != null) {
+            return cipher;
+        }
+        // Get the password key, stored as a database property. Obviously,
+        // protecting your database is critical for making the
+        // encryption fully secure.
+        String keyString;
+        try {
+            keyString = JiveGlobals.getProperty("passwordKey");
+            if (keyString == null) {
+                keyString = StringUtils.randomString(15);
+                JiveGlobals.setProperty("passwordKey", keyString);
+            }
+            cipher = new Blowfish(keyString);
+        }
+        catch (Exception e) {
+            Log.error(e);
+        }
+        return cipher;
+    }
    public User loadUser(String username) throws UserNotFoundException {
        Connection con = null;
@@ -100,6 +128,16 @@ public class DefaultUserProvider implements UserProvider {
        }
        catch (UserNotFoundException unfe) {
            // The user doesn't already exist so we can create a new user
+            // Determine if the password should be stored as plain text or encrypted.
+            boolean usePlainPassword = JiveGlobals.getBooleanProperty("user.usePlainPassword");
+            String encryptedPassword = null;
+            if (!usePlainPassword) {
+                encryptedPassword = getCipher().encryptString(password);
+                // Set password to null so that it's inserted that way.
+                password = null;
+            }
            Date now = new Date();
            Connection con = null;
            PreparedStatement pstmt = null;
@@ -107,21 +145,32 @@ public class DefaultUserProvider implements UserProvider {
                con = DbConnectionManager.getConnection();
                pstmt = con.prepareStatement(INSERT_USER);
                pstmt.setString(1, username);
-                pstmt.setString(2, password);
+                if (password == null) {
-                if (name == null) {
+                    pstmt.setNull(2, Types.VARCHAR);
+                }
+                else {
+                    pstmt.setString(2, password);
+                }
+                if (encryptedPassword == null) {
                    pstmt.setNull(3, Types.VARCHAR);
                }
                else {
-                    pstmt.setString(3, name);
+                    pstmt.setString(3, encryptedPassword);
                }
-                if (email == null) {
+                if (name == null) {
                    pstmt.setNull(4, Types.VARCHAR);
                }
                else {
-                    pstmt.setString(4, email);
+                    pstmt.setString(4, name);
+                }
+                if (email == null) {
+                    pstmt.setNull(5, Types.VARCHAR);
+                }
+                else {
+                    pstmt.setString(5, email);
                }
-                pstmt.setString(5, StringUtils.dateToMillis(now));
                pstmt.setString(6, StringUtils.dateToMillis(now));
+                pstmt.setString(7, StringUtils.dateToMillis(now));
                pstmt.execute();
            }
            catch (Exception e) {
@@ -150,7 +199,9 @@ public class DefaultUserProvider implements UserProvider {
            try {
                VCardManager.getInstance().deleteVCard(username);
            }
-            catch (UnsupportedOperationException e) {}
+            catch (UnsupportedOperationException e) {
+                // Ignore.
+            }
            // Delete all of the users's extended properties
            con = DbConnectionManager.getTransactionConnection();
            pstmt = con.prepareStatement(DELETE_USER_PROPS);
@@ -223,7 +274,7 @@ public class DefaultUserProvider implements UserProvider {
            try { if (con != null) { con.close(); } }
            catch (Exception e) { Log.error(e); }
        }
-        return new UserCollection((String[])usernames.toArray(new String[usernames.size()]));
+        return new UserCollection(usernames.toArray(new String[usernames.size()]));
    }
    public Collection<User> getUsers(int startIndex, int numResults) {
@@ -252,7 +303,7 @@ public class DefaultUserProvider implements UserProvider {
            try { if (con != null) { con.close(); } }
            catch (Exception e) { Log.error(e); }
        }
-        return new UserCollection((String[])usernames.toArray(new String[usernames.size()]));
+        return new UserCollection(usernames.toArray(new String[usernames.size()]));
    }
    public void setName(String username, String name) throws UserNotFoundException {
@@ -370,7 +421,14 @@ public class DefaultUserProvider implements UserProvider {
            if (!rs.next()) {
                throw new UserNotFoundException(username);
            }
-            return rs.getString(1);
+            String plainText = rs.getString(1);
+            String encrypted = rs.getString(2);
+            if (encrypted != null) {
+                return getCipher().decryptString(encrypted);
+            }
+            else {
+                return plainText;
+            }
        }
        catch (SQLException sqle) {
            throw new UserNotFoundException(sqle);
@@ -388,12 +446,30 @@ public class DefaultUserProvider implements UserProvider {
            // Reject the operation since the provider is read-only
            throw new UnsupportedOperationException();
        }
+        // Determine if the password should be stored as plain text or encrypted.
+        boolean usePlainPassword = JiveGlobals.getBooleanProperty("user.usePlainPassword");
+        String encryptedPassword = null;
+        if (!usePlainPassword) {
+            encryptedPassword = getCipher().encryptString(password);
+            // Set password to null so that it's inserted that way.
+            password = null;
+        }
        Connection con = null;
        PreparedStatement pstmt = null;
        try {
            con = DbConnectionManager.getConnection();
            pstmt = con.prepareStatement(UPDATE_PASSWORD);
-            pstmt.setString(1, password);
+            if (password == null) {
+                pstmt.setNull(1, Types.VARCHAR);
+            }
+            else {
+                pstmt.setString(1, password);
+            }
+            if (encryptedPassword == null) {
+                pstmt.setNull(2, Types.VARCHAR);
+            }
            pstmt.setString(2, username);
            pstmt.executeUpdate();
        }
@@ -474,7 +550,7 @@ public class DefaultUserProvider implements UserProvider {
            try { if (con != null) { con.close(); } }
            catch (Exception e) { Log.error(e); }
        }
-        return new UserCollection((String[])usernames.toArray(new String[usernames.size()]));
+        return new UserCollection(usernames.toArray(new String[usernames.size()]));
    }
    public Collection<User> findUsers(Set<String> fields, String query, int startIndex,
@@ -543,7 +619,7 @@ public class DefaultUserProvider implements UserProvider {
            try { if (con != null) { con.close(); } }
            catch (Exception e) { Log.error(e); }
        }
-        return new UserCollection((String[])usernames.toArray(new String[usernames.size()]));
+        return new UserCollection(usernames.toArray(new String[usernames.size()]));
    }
    public boolean isReadOnly() {