Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.3.10.CR1, 7.3.10.GA
Affects Version/s: 7.3.9.CR1, 7.4.1.CR1
Component/s: JCA
Labels:
None

Blocked:
False
Ready:
False
Affects Testing:

Regression
CDW blocker:
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
QE Test Coverage:
+
Release Note Text:
Undefined
Target Release:

7.3.z.GA
Workaround:

Workaround Exists
Workaround Description:
Hide

System property

ironjacamar.jdbc.kerberos.copygsscredentials=true
Show
System property ironjacamar.jdbc.kerberos.copygsscredentials= true
Git Pull Request:
https://github.com/ironjacamar/ironjacamar/pull/733
Steps to Reproduce:

Hide

configuration from ~~JBEAP-21373~~ can be used for debugging

Show
configuration from JBEAP-21373 can be used for debugging
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Tested with EAP from 7.4.x branch, commit 59e4f3297c1de493e4ff14492dbf0b73bde86cb3

After ~~JBEAP-21373~~ it is not possible to overload authentication defined in server configuration with DataSource.getConnection(username, password)

<datasource jndi-name="java:jboss/datasources/TestDatasource" pool-name="TestDatasource" spy="true" statistics-enabled="true">
    <connection-url>URL</connection-url>
    <connection-property name="oracle.net.authentication_services">
        (KERBEROS5)
    </connection-property>
    <driver>jdbc_driver</driver>
    <pool>
        <min-pool-size>0</min-pool-size>
        <max-pool-size>1</max-pool-size>
        <prefill>false</prefill>
        <allow-multiple-users>true</allow-multiple-users>
    </pool>
    <security>
        <security-domain>DatabaseUser</security-domain>
    </security>
</datasource>

And in the application then:

@Resource(lookup = Constants.DATASOURCE_JNDI_NAME)
private DataSource ds;

....

ds.getConnection(username, password)

username and password from getConnection method call should be used but kerberos authentication is used instead

clones

JBJCA-1427 user and password should be copied to the properties if they are specified

Resolved

JBEAP-22286 [QA](7.4.z) JBJCA-1427 - not possible to bypass GSSCredentials using Datasource.getConnection(username,password)

Closed

is caused by

JBEAP-21373 (7.4.z) JBJCA-1426 - OAUTH marshaling failure when connecting to Oracle database using Kerberos authentication

Closed

is incorporated by

JBEAP-22314 [GSS](7.3.z) Upgrade ironjacamar from 1.4.35.Final-redhat-00001 to 1.5.2.Final-redhat-00001

Closed

Assignee:: Lin Gao

Reporter:: Peter Mackay

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2021/08/02 1:10 PM

Updated:: 2024/08/27 1:45 PM

Resolved:: 2021/08/17 5:25 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates