Community
Participate
Working Groups
Build Identifier: 2.0.2.v20100323-r6872 if the applications uses JNDIConnetion, then a problem can occurs when 2 threads want to create a new login and both of them are in DatasourceLogin.prepareProperties. Because both of them decryt the password the password is decrypted twice and the login fails, eg. for Oracle Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied Solution: Make method synchronized Reproducible: Sometimes Steps to Reproduce: 1.Use JNDI Connectivy 2.Configure your Connection parameter that Connections are often opened 3.Make many parallel tasks
Created attachment 174725 [details] StackTrace of LoginDenied
Created attachment 174726 [details] Changes made To DatasourceLogin
>Ursula, Thank you for the patch, we will need to see how synchronizing the method affects performance based on queueing concurrent access to this method by hammering a multithreaded SE app. I would like to read your comments to the method could you post a transalation of the text - thank you /michael
This is a translated more describing comment of the method Within the project Gabor the problem rised, that two threads are in this method concurrently, it seems that the password is decrypted twice. The effect was that the login was that eclipse want to login with Connect user = GABOR_SLES9ORA10 passwort = 4A827CAEBD34A76F07F84E00F3FA0C03D2AEA351E127A79B instead of correct password = GABOR_SLES9ORA10 We found this with some printouts in this method after decyprting the password Normaly wenn everything is ok the output look like this Password before 4A827CAEBD34A76F07F84E00F3FA0C03D2AEA351E127A79B Password decrypted , GABOR_SLES9ORA10 Connect user = GABOR_SLES9ORA10 passwort = GABOR_SLES9ORA10 I case of a wrong password i looks like this Password before 4A827CAEBD34A76F07F84E00F3FA0C03D2AEA351E127A79B Password before 4A827CAEBD34A76F07F84E00F3FA0C03D2AEA351E127A79B Password decrypted , 4A827CAEBD34A76F07F84E00F3FA0C03D2AEA351E127A79B Connect user = GABOR_SLES9ORA10 passwort = 4A827CAEBD34A76F07F84E00F3FA0C03D2AEA351E127A79B In the stacktraces of the threaddumps we saw that thow thread are in this method. This leads to the problem that it was not possible to make new connections and the user also was locked in oracle administrations because to many wrong logins !
Ursula, thank you for above, we will discuss this bug in the 2.2 prioritization queue, you may as a non-committer vote on it to raise it's priority
I believe this is resolved with the fix for 318187 (putting synchronization on the decrypt method)and so am closing this as a duplicate. The fix for 318187 is available in 2.1.1 and main in the nightly builds as of 2010-08-09. *** This bug has been marked as a duplicate of bug 318187 ***
The Eclipselink project has moved to Github: https://github.com/eclipse-ee4j/eclipselink
