Description lists 2010-06-28 10:47:13 EDT

Build Identifier: 2.0.2

Details can be found in the forum thread:

http://www.eclipse.org/forums/index.php?t=msg&th=170167&start=0&

Basically, it sounds like the fix for Toplink/3927740 did not get pulled into Eclipselink, that being synchronization of JCEEncryptor.decryptPassword(). So when using an external datasource, the method gets called with every DB call and being that decryptPassword() is not threadsafe, it will occasional blow up. Not sure if this affects anything else. Hopefully someone with access to the Toplink bug database can simply re-apply the Toplink fix to the Eclipselink codebase.

Reproducible: Sometimes

Steps to Reproduce:
1. Configure app to use Tomcat JNDI.
2. Set password field-javax.persistence.jdbc.password-to something (note, this won't actually be used for the JNDI datasource, this is just how we had things configured).
3. Apply high load to the system (triggering DB calls).

In theory, you could also just run JCEEncryptor.decryptPassword() repeatedly in a threaded scenario.