Uploaded image for project: 'MariaDB Connector/J'
  1. MariaDB Connector/J
  2. CONJ-1054

Threadsafety of CredentialPlugin in v3.x

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.1.0, 3.1.1, 3.1.2
    • 3.1.3
    • authentication
    • None

    Description

      Hey all. We have a custom CredentialPlugin linked to AWS SecretManager (for auto credential rotation). We have been using this plugin for a few months over multiple datasources (same app).

      We recently switched from Spring Boot 2.6.x to 2.7.x, which upgraded the mariadb driver from 2.x to 3.x. From this upgrade we started seeing login failures, ie wrong username for the datasource. It was mostly working well, but there was some connection creation that were completely messed up in regards to users vs actual datasource being connecting to.

      By looking at the code, it seems a single instance of a CredentialPlugin is used. The problem is that state is kept in that instance between the 'initialize' & 'get' calls. If 2 connection creations over 2 different threads happen at the same time, there will be a race condition, mix-matching the returned credentials.

      We are wondering if there was a change in behavior in that regard from 2.x to 3.x. If not, we will look into other things that were upgraded in the stack. But even then, the way CredentialPlugin is implemented, it seems that it should ensure no 2 threads could call it at the same time.

      Thanks!

      Attachments

        Activity

          People

            diego dupin Diego Dupin
            Fortin Mathieu
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.