You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2008/07/22 11:25:02 UTC
DO NOT REPLY [Bug 45453] New: JDBCRealm.
getRoles bad synchronization causes hangs w/ DIGEST authentication
https://issues.apache.org/bugzilla/show_bug.cgi?id=45453
Summary: JDBCRealm.getRoles bad synchronization causes hangs w/
DIGEST authentication
Product: Tomcat 5
Version: 5.5.26
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: santtu.hyrkko@ekahau.com
JDBCRealm.getRoles bad synchronization causes hangs w/ DIGEST authentication
JDBCRealm caches PreparedStatement preparedRoles. That, and missing
synchronization in JDBCRealm and/or DigestAuthenticator allow two threads to
call getRoles simultaneously so that T1 will do stmt.executeQuery() while T2
does stmt.setString(1, userName) plus another .executeQuery() on the same
PreparedStatement object.
In the worst case, the JDBC driver gets confused by this, and blocks forever
waiting for server response, causing all other threads that try to access DB
hang. (This was observed with PostgreSQL 8.3-603-jdbc4 JDBC driver)
org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:451)
org.postgresql.jdbc2.AbstractJdbc2Statement.executeWithFlags(AbstractJdbc2Statement.java:350)
org.postgresql.jdbc2.AbstractJdbc2Statement.executeQuery(AbstractJdbc2Statement.java:254)
org.apache.catalina.realm.JDBCRealm.getRoles(JDBCRealm.java:631)
org.apache.catalina.realm.JDBCRealm.getPrincipal(JDBCRealm.java:596)
org.apache.catalina.realm.RealmBase.authenticate(RealmBase.java:399)
org.apache.catalina.authenticator.DigestAuthenticator.findPrincipal(DigestAuthenticator.java:283)
org.apache.catalina.authenticator.DigestAuthenticator.authenticate(DigestAuthenticator.java:176)
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 45453] JDBCRealm.getRoles bad synchronization
causes hangs w/ DIGEST authentication
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45453
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|Catalina |Catalina
Product|Tomcat 6 |Tomcat 5
Target Milestone|default |---
Version|6.0.16 |5.5.26
--- Comment #5 from Mark Thomas <ma...@apache.org> 2008-08-13 15:05:09 PST ---
This has been fixed in 6.0.x and will be included in 6.0.19 onwards.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 45453] JDBCRealm.getRoles bad synchronization
causes hangs w/ DIGEST authentication
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45453
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #6 from Mark Thomas <ma...@apache.org> 2008-08-14 02:37:32 PST ---
This has been fixed 5.5.x and will be included in 5.5.27 onwards
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 45453] JDBCRealm.
getRoles bad synchronization causes hangs w/ DIGEST authentication
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45453
Santtu Hyrkk <sa...@ekahau.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|Catalina |Catalina
Keywords| |PatchAvailable
Product|Tomcat 5 |Tomcat 6
Target Milestone|--- |default
Version|5.5.26 |6.0.16
--- Comment #3 from Santtu Hyrkk <sa...@ekahau.com> 2008-07-23 01:01:45 PST ---
The problem is also in 6.0.16
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 45453] JDBCRealm.
getRoles bad synchronization causes hangs w/ DIGEST authentication
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45453
--- Comment #2 from Santtu Hyrkk <sa...@ekahau.com> 2008-07-23 00:54:33 PST ---
Created an attachment (id=22302)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=22302)
proposed patch for tomcat-5.5.26
synchronize JDBCRealm.getPrincipal()
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 45453] JDBCRealm.
getRoles bad synchronization causes hangs w/ DIGEST authentication
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45453
--- Comment #1 from Santtu Hyrkk <sa...@ekahau.com> 2008-07-23 00:54:05 PST ---
Created an attachment (id=22301)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=22301)
proposed patch for tomcat-6.0.16
synchronize JDBCRealm.getPrincipal
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 45453] JDBCRealm.
getRoles bad synchronization causes hangs w/ DIGEST authentication
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45453
--- Comment #4 from Mark Thomas <ma...@apache.org> 2008-07-29 08:00:47 PST ---
Thanks for the patch. It has been applied to trunk and proposed for 6.0.x and
5.5.x.
Note you will probably be better off using the DataSourceRealm.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org