You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Michael Drechsel (JIRA)" <ji...@apache.org> on 2007/10/10 15:18:50 UTC
[jira] Created: (DBCP-245) SharedPoolDataSource saves wrong
password forever
SharedPoolDataSource saves wrong password forever
-------------------------------------------------
Key: DBCP-245
URL: https://issues.apache.org/jira/browse/DBCP-245
Project: Commons Dbcp
Issue Type: Bug
Affects Versions: 1.2.2
Environment: Use of SharedPoolDataSource see sample code
if (privSharedDS == null)
{
privConPoolDS = new PGConnectionPoolDataSource();
privConPoolDS.setServerName(privServerName);
privConPoolDS.setDatabaseName(privServerDB);
privConPoolDS.setUser(privUser);
privConPoolDS.setPassword(privPassword);
// --------------------------------------
// dbcp caching via SharedPoolDataSource
// --------------------------------------
privSharedDS = new SharedPoolDataSource();
privSharedDS.setConnectionPoolDataSource(privConPoolDS);
privSharedDS.setMaxActive(10); // 0 = no limit
privSharedDS.setMaxIdle(10);
privSharedDS.setMinEvictableIdleTimeMillis(1000);
privSharedDS.setMaxWait(1000); // -1 = no limit
privSharedDS.setTimeBetweenEvictionRunsMillis(1000);
privSharedDS.setTestWhileIdle(true);
}
// --------------------------------------
// dbcp caching via SharedPoolDataSource
// --------------------------------------
tmpCon = privSharedDS.getConnection(privUser, privPassword);
Reporter: Michael Drechsel
Priority: Minor
The SharedPoolDataSource saves wrong password forever
1. Get a connection for user1 (use username of user1 and password of user1) ---> connection ok
2. Get a connection for user2 (use username of user2 and a wrong password) --> connection failed
3. Get a connection for user2 (use username of user2 and password of user2) --> connection will be failed too because the wrong password is stored in the usersKey map.
Bugfix
===================================================================
protected synchronized PooledConnectionAndInfo
getPooledConnectionAndInfo(String username, String password)
throws SQLException {
if (pool == null) {
try {
registerPool(username, password);
} catch (NamingException e) {
throw new SQLNestedException("RegisterPool failed", e);
}
}
PooledConnectionAndInfo info = null;
UserPassKey userPassKey = null;
try {
userPassKey = getUserPassKey(username, password);
info = (PooledConnectionAndInfo) pool
.borrowObject(userPassKey);
}
catch (Exception e) {
if (userKeys != null && userKeys.containsKey(username)) {
userKeys.remove(username);
}
throw new SQLNestedException(
"Could not retrieve connection info from pool", e);
}
return info;
}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DBCP-245) SharedPoolDataSource saves wrong
password forever
Posted by "Phil Steitz (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DBCP-245?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Phil Steitz updated DBCP-245:
-----------------------------
Affects Version/s: 1.1
1.2
1.2.1
Fix Version/s: 1.3
Thanks for reporting this. It would be great to have the code above put into a patch, with the steps to reproduce put into a test case that fails before and succeeds after the fix.
> SharedPoolDataSource saves wrong password forever
> -------------------------------------------------
>
> Key: DBCP-245
> URL: https://issues.apache.org/jira/browse/DBCP-245
> Project: Commons Dbcp
> Issue Type: Bug
> Affects Versions: 1.1, 1.2, 1.2.1, 1.2.2
> Environment: Use of SharedPoolDataSource see sample code
> if (privSharedDS == null)
> {
> privConPoolDS = new PGConnectionPoolDataSource();
> privConPoolDS.setServerName(privServerName);
> privConPoolDS.setDatabaseName(privServerDB);
> privConPoolDS.setUser(privUser);
> privConPoolDS.setPassword(privPassword);
> // --------------------------------------
> // dbcp caching via SharedPoolDataSource
> // --------------------------------------
> privSharedDS = new SharedPoolDataSource();
> privSharedDS.setConnectionPoolDataSource(privConPoolDS);
> privSharedDS.setMaxActive(10); // 0 = no limit
> privSharedDS.setMaxIdle(10);
> privSharedDS.setMinEvictableIdleTimeMillis(1000);
> privSharedDS.setMaxWait(1000); // -1 = no limit
> privSharedDS.setTimeBetweenEvictionRunsMillis(1000);
> privSharedDS.setTestWhileIdle(true);
> }
> // --------------------------------------
> // dbcp caching via SharedPoolDataSource
> // --------------------------------------
> tmpCon = privSharedDS.getConnection(privUser, privPassword);
> Reporter: Michael Drechsel
> Priority: Minor
> Fix For: 1.3
>
>
> The SharedPoolDataSource saves wrong password forever
> 1. Get a connection for user1 (use username of user1 and password of user1) ---> connection ok
> 2. Get a connection for user2 (use username of user2 and a wrong password) --> connection failed
> 3. Get a connection for user2 (use username of user2 and password of user2) --> connection will be failed too because the wrong password is stored in the usersKey map.
> Bugfix
> ===================================================================
> protected synchronized PooledConnectionAndInfo
> getPooledConnectionAndInfo(String username, String password)
> throws SQLException {
> if (pool == null) {
> try {
> registerPool(username, password);
> } catch (NamingException e) {
> throw new SQLNestedException("RegisterPool failed", e);
> }
> }
> PooledConnectionAndInfo info = null;
> UserPassKey userPassKey = null;
> try {
> userPassKey = getUserPassKey(username, password);
> info = (PooledConnectionAndInfo) pool
> .borrowObject(userPassKey);
> }
> catch (Exception e) {
>
> if (userKeys != null && userKeys.containsKey(username)) {
> userKeys.remove(username);
> }
>
> throw new SQLNestedException(
> "Could not retrieve connection info from pool", e);
> }
> return info;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (DBCP-245) SharedPoolDataSource saves wrong
password forever
Posted by "Phil Steitz (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DBCP-245?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Phil Steitz resolved DBCP-245.
------------------------------
Resolution: Fixed
Slightly modified version of the suggested fix implemented in r616142.
Thanks!
> SharedPoolDataSource saves wrong password forever
> -------------------------------------------------
>
> Key: DBCP-245
> URL: https://issues.apache.org/jira/browse/DBCP-245
> Project: Commons Dbcp
> Issue Type: Bug
> Affects Versions: 1.1, 1.2, 1.2.1, 1.2.2
> Environment: Use of SharedPoolDataSource see sample code
> if (privSharedDS == null)
> {
> privConPoolDS = new PGConnectionPoolDataSource();
> privConPoolDS.setServerName(privServerName);
> privConPoolDS.setDatabaseName(privServerDB);
> privConPoolDS.setUser(privUser);
> privConPoolDS.setPassword(privPassword);
> // --------------------------------------
> // dbcp caching via SharedPoolDataSource
> // --------------------------------------
> privSharedDS = new SharedPoolDataSource();
> privSharedDS.setConnectionPoolDataSource(privConPoolDS);
> privSharedDS.setMaxActive(10); // 0 = no limit
> privSharedDS.setMaxIdle(10);
> privSharedDS.setMinEvictableIdleTimeMillis(1000);
> privSharedDS.setMaxWait(1000); // -1 = no limit
> privSharedDS.setTimeBetweenEvictionRunsMillis(1000);
> privSharedDS.setTestWhileIdle(true);
> }
> // --------------------------------------
> // dbcp caching via SharedPoolDataSource
> // --------------------------------------
> tmpCon = privSharedDS.getConnection(privUser, privPassword);
> Reporter: Michael Drechsel
> Priority: Minor
> Fix For: 1.3
>
>
> The SharedPoolDataSource saves wrong password forever
> 1. Get a connection for user1 (use username of user1 and password of user1) ---> connection ok
> 2. Get a connection for user2 (use username of user2 and a wrong password) --> connection failed
> 3. Get a connection for user2 (use username of user2 and password of user2) --> connection will be failed too because the wrong password is stored in the usersKey map.
> Bugfix
> ===================================================================
> protected synchronized PooledConnectionAndInfo
> getPooledConnectionAndInfo(String username, String password)
> throws SQLException {
> if (pool == null) {
> try {
> registerPool(username, password);
> } catch (NamingException e) {
> throw new SQLNestedException("RegisterPool failed", e);
> }
> }
> PooledConnectionAndInfo info = null;
> UserPassKey userPassKey = null;
> try {
> userPassKey = getUserPassKey(username, password);
> info = (PooledConnectionAndInfo) pool
> .borrowObject(userPassKey);
> }
> catch (Exception e) {
>
> if (userKeys != null && userKeys.containsKey(username)) {
> userKeys.remove(username);
> }
>
> throw new SQLNestedException(
> "Could not retrieve connection info from pool", e);
> }
> return info;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DBCP-245) SharedPoolDataSource saves wrong
password forever
Posted by "Michael Drechsel (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DBCP-245?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12539844 ]
Michael Drechsel commented on DBCP-245:
---------------------------------------
Hello Phil Steitz,
thanks for your eMail. Here a have an test case that reproduces the bug.
test case
========
String serverName = "localhost";
String serverDB = "localweb";
String user1 = "doris";
String password1 = "doris";
String user2 = "cramer";
String password2 = "cramer";
Connection con = null;
PGConnectionPoolDataSource ConPoolDS = new
PGConnectionPoolDataSource();
ConPoolDS.setServerName(serverName);
ConPoolDS.setDatabaseName(serverDB);
ConPoolDS.setUser(user1);
ConPoolDS.setPassword(password1);
// --------------------------------------
// dbcp caching via SharedPoolDataSource
// --------------------------------------
SharedPoolDataSource SharedDS = new SharedPoolDataSource();
SharedDS.setConnectionPoolDataSource(ConPoolDS);
SharedDS.setMaxActive(10); // 0 = no limit
SharedDS.setMaxIdle(10);
SharedDS.setMinEvictableIdleTimeMillis(1000);
SharedDS.setMaxWait(1000); // -1 = no limit
SharedDS.setTimeBetweenEvictionRunsMillis(1000);
SharedDS.setTestWhileIdle(true);
try
{
con = SharedDS.getConnection(user1, password1);
}
catch (Exception e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
try
{
con = SharedDS.getConnection(user2, "wrongpassword");
}
catch (Exception e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
try
{
// connection will fail because the wrong password is
stored in the usersKey map.
con = SharedDS.getConnection(user2, password2);
}
catch (Exception e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
steps to reproduce
================
The SharedPoolDataSource saves wrong password forever
1. Get a connection for user1 (use username of user1 and password of user1) ---> connection ok
2. Get a connection for user2 (use username of user2 and a wrong password) --> connection failed
3. Get a connection for user2 (use username of user2 and password of user2) --> connection will be failed too because the wrong password is stored in the usersKey map.
_________________________________________________________________________________________
> SharedPoolDataSource saves wrong password forever
> -------------------------------------------------
>
> Key: DBCP-245
> URL: https://issues.apache.org/jira/browse/DBCP-245
> Project: Commons Dbcp
> Issue Type: Bug
> Affects Versions: 1.1, 1.2, 1.2.1, 1.2.2
> Environment: Use of SharedPoolDataSource see sample code
> if (privSharedDS == null)
> {
> privConPoolDS = new PGConnectionPoolDataSource();
> privConPoolDS.setServerName(privServerName);
> privConPoolDS.setDatabaseName(privServerDB);
> privConPoolDS.setUser(privUser);
> privConPoolDS.setPassword(privPassword);
> // --------------------------------------
> // dbcp caching via SharedPoolDataSource
> // --------------------------------------
> privSharedDS = new SharedPoolDataSource();
> privSharedDS.setConnectionPoolDataSource(privConPoolDS);
> privSharedDS.setMaxActive(10); // 0 = no limit
> privSharedDS.setMaxIdle(10);
> privSharedDS.setMinEvictableIdleTimeMillis(1000);
> privSharedDS.setMaxWait(1000); // -1 = no limit
> privSharedDS.setTimeBetweenEvictionRunsMillis(1000);
> privSharedDS.setTestWhileIdle(true);
> }
> // --------------------------------------
> // dbcp caching via SharedPoolDataSource
> // --------------------------------------
> tmpCon = privSharedDS.getConnection(privUser, privPassword);
> Reporter: Michael Drechsel
> Priority: Minor
> Fix For: 1.3
>
>
> The SharedPoolDataSource saves wrong password forever
> 1. Get a connection for user1 (use username of user1 and password of user1) ---> connection ok
> 2. Get a connection for user2 (use username of user2 and a wrong password) --> connection failed
> 3. Get a connection for user2 (use username of user2 and password of user2) --> connection will be failed too because the wrong password is stored in the usersKey map.
> Bugfix
> ===================================================================
> protected synchronized PooledConnectionAndInfo
> getPooledConnectionAndInfo(String username, String password)
> throws SQLException {
> if (pool == null) {
> try {
> registerPool(username, password);
> } catch (NamingException e) {
> throw new SQLNestedException("RegisterPool failed", e);
> }
> }
> PooledConnectionAndInfo info = null;
> UserPassKey userPassKey = null;
> try {
> userPassKey = getUserPassKey(username, password);
> info = (PooledConnectionAndInfo) pool
> .borrowObject(userPassKey);
> }
> catch (Exception e) {
>
> if (userKeys != null && userKeys.containsKey(username)) {
> userKeys.remove(username);
> }
>
> throw new SQLNestedException(
> "Could not retrieve connection info from pool", e);
> }
> return info;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.