Details
-
Bug
-
Resolution: Won't Do
-
Major
-
None
-
24.0.0.Final
-
None
Description
Using legacy (rather than Elytron) security configuration for Kerberos connectivity to SQL Server.
In a single session of an EJB client, repeatedly invoking a remote EJB remotely that retrieves and uses a Kerberos authenticated database connection during its execution.
((ISession) ctx.lookup("java:jboss-eap-test/SessionBean!support.jboss.ejb.session.remote.ISession")).test(); ((ISession) ctx.lookup("java:jboss-eap-test/SessionBean!support.jboss.ejb.session.remote.ISession")).test(); ((ISession) ctx.lookup("java:jboss-eap-test/SessionBean!support.jboss.ejb.session.remote.ISession")).test();
Observed that each remote invocation results in creation of a different/new database connection (e.g. 3 are created during the 3 executions above).
Using a Byteman rule like the below, verified that the issue relates to creation of a new sub-pool (mcpPools.keySet().size() increases) for each remote invocation.
RULE org.jboss.jca.core.connectionmanager.pool.AbstractPool.getManagedConnectionPool CLASS org.jboss.jca.core.connectionmanager.pool.AbstractPool METHOD getManagedConnectionPool AT ENTRY IF true DO System.out.println("[BMAN DEBG] mcpPools.get(key) [keySet.size=" + $0.mcpPools.keySet().size() + "] => " + $0.mcpPools.get($1)); ENDRULE
Unable to reproduce the same issue when using Elytron or when using legacy security with EJB client 2.1.8 (so issue seems to have been introduced sometime between 2.1.8 and 4.0.9).
Attachments
Issue Links
- is cloned by
-
JBEAP-22261 [GSS](7.4.z) WFLY-15038 - Kerberos authenticated database connections (e.g. to SQL Server) not reusable when using legacy security and remote EJBs
- Verified
- is related to
-
EJBCLIENT-411 Kerberos authenticated database connections (e.g. to SQL Server) not reusable when using legacy security and remote EJBs
- Closed