Community
Participate
Working Groups
Build Identifier: 2.0.2 Details can be found in the forum thread: http://www.eclipse.org/forums/index.php?t=msg&th=170167&start=0& Basically, it sounds like the fix for Toplink/3927740 did not get pulled into Eclipselink, that being synchronization of JCEEncryptor.decryptPassword(). So when using an external datasource, the method gets called with every DB call and being that decryptPassword() is not threadsafe, it will occasional blow up. Not sure if this affects anything else. Hopefully someone with access to the Toplink bug database can simply re-apply the Toplink fix to the Eclipselink codebase. Reproducible: Sometimes Steps to Reproduce: 1. Configure app to use Tomcat JNDI. 2. Set password field-javax.persistence.jdbc.password-to something (note, this won't actually be used for the JNDI datasource, this is just how we had things configured). 3. Apply high load to the system (triggering DB calls). In theory, you could also just run JCEEncryptor.decryptPassword() repeatedly in a threaded scenario.
Investigating
Created attachment 175524 [details] proposed fix and testcase
fix checked into main and 2.1.1 on Aug 6th
*** Bug 320375 has been marked as a duplicate of this bug. ***
The Eclipselink project has moved to Github: https://github.com/eclipse-ee4j/eclipselink