Uploaded image for project: 'MariaDB Connector/J'
  1. MariaDB Connector/J
  2. CONJ-949

keep clientCertificateKeyStoreUrl and clientCertificateKeyStoreUrl aliases

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.4
    • Fix Version/s: 3.0.5
    • Component/s: authentication
    • Labels:
      None
    • Environment:
      Ubuntu 20.04, OpenJdk 16.0.1, Apache Tomcat 9, Mariadb 10.5.15

      Description

      Authentication with username, password and certificate is not working when "REQUIRE X509" is set. It is working fine in 2.7.5. In 3.0.4 is works only with "REQUIRE SSL" not with "REQUIRE X509".

      3.0.4 throws exception (changed some texts to heshes):
      java.sql.SQLInvalidAuthorizationSpecException: (conn=484) Access denied for user '####'@'####' (using password: YES)

      connection settings:
      System.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.apache.naming.java.javaURLContextFactory");
      System.setProperty(Context.URL_PKG_PREFIXES, "org.apache.naming");
      InitialContext ic = new InitialContext();
      ic.createSubcontext("java:");
      ic.createSubcontext("java:comp");
      ic.createSubcontext("java:comp/env");
      ic.createSubcontext("java:comp/env/jdbc");

      PoolConfiguration pRead = new PoolProperties();
      pRead.setDefaultAutoCommit(true);
      pRead.setDefaultReadOnly(true);
      pRead.setJmxEnabled(true);
      pRead.setTestWhileIdle(false);
      pRead.setTestOnBorrow(true);
      pRead.setTestOnReturn(false);
      pRead.setValidationInterval(30000);
      pRead.setTimeBetweenEvictionRunsMillis(30000);
      pRead.setMaxActive(20);
      pRead.setInitialSize(2);
      pRead.setMaxIdle(20);
      pRead.setMaxWait(1000);
      pRead.setRemoveAbandonedTimeout(60);
      pRead.setMinEvictableIdleTimeMillis(30000);
      pRead.setMinIdle(1);
      pRead.setLogAbandoned(true);
      pRead.setRemoveAbandoned(true);
      pRead.setDefaultAutoCommit(Boolean.TRUE);
      pRead.setUseStatementFacade(false);
      pRead.setValidationQuery("DO 1");

      //Tomcat specific
      pRead.setJdbcInterceptors("ConnectionState");

      pRead.setDriverClassName("org.mariadb.jdbc.Driver");
      pRead.setUrl("jdbc:mariadb:sequential:###");
      pRead.setDefaultCatalog("###");
      pRead.setUsername("###");
      pRead.setPassword("###");

      DataSource dsRead = new DataSource();
      dsRead.setPoolProperties(pRead);

      dsRead.setConnectionProperties("rewriteBatchedStatements=true");
      dsRead.setConnectionProperties("allowMultiQueries=true");
      dsRead.setConnectionProperties("verifyServerCertificate=false");// mysql
      dsRead.setConnectionProperties("trustServerCertificate=true");// maria

      dsRead.setConnectionProperties("useSSL=true");
      dsRead.setConnectionProperties("requireSSL=true");
      dsRead.setConnectionProperties("clientCertificateKeyStoreUrl=file:target/test-classes/client.p12");
      dsRead.setConnectionProperties("clientCertificateKeyStorePassword=###");
      dsRead.setConnectionProperties("serverSslCert=target/test-classes/server-cert.pem");
      dsRead.setConnectionProperties("sslMode=trust");

        Attachments

          Activity

            People

            Assignee:
            diego dupin Diego Dupin
            Reporter:
            PavelCibulka Pavel Cibulka
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.