[CONJ-949] keep clientCertificateKeyStoreUrl and clientCertificateKeyStoreUrl aliases - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 3.0.4
Fix Version/s: 3.0.5
Component/s: authentication
Labels:
None
Environment:
Ubuntu 20.04, OpenJdk 16.0.1, Apache Tomcat 9, Mariadb 10.5.15

Description

Authentication with username, password and certificate is not working when "REQUIRE X509" is set. It is working fine in 2.7.5. In 3.0.4 is works only with "REQUIRE SSL" not with "REQUIRE X509".

3.0.4 throws exception (changed some texts to heshes):
java.sql.SQLInvalidAuthorizationSpecException: (conn=484) Access denied for user '####'@'####' (using password: YES)

connection settings:
System.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.apache.naming.java.javaURLContextFactory");
System.setProperty(Context.URL_PKG_PREFIXES, "org.apache.naming");
InitialContext ic = new InitialContext();
ic.createSubcontext("java:");
ic.createSubcontext("java:comp");
ic.createSubcontext("java:comp/env");
ic.createSubcontext("java:comp/env/jdbc");

PoolConfiguration pRead = new PoolProperties();
pRead.setDefaultAutoCommit(true);
pRead.setDefaultReadOnly(true);
pRead.setJmxEnabled(true);
pRead.setTestWhileIdle(false);
pRead.setTestOnBorrow(true);
pRead.setTestOnReturn(false);
pRead.setValidationInterval(30000);
pRead.setTimeBetweenEvictionRunsMillis(30000);
pRead.setMaxActive(20);
pRead.setInitialSize(2);
pRead.setMaxIdle(20);
pRead.setMaxWait(1000);
pRead.setRemoveAbandonedTimeout(60);
pRead.setMinEvictableIdleTimeMillis(30000);
pRead.setMinIdle(1);
pRead.setLogAbandoned(true);
pRead.setRemoveAbandoned(true);
pRead.setDefaultAutoCommit(Boolean.TRUE);
pRead.setUseStatementFacade(false);
pRead.setValidationQuery("DO 1");

//Tomcat specific
pRead.setJdbcInterceptors("ConnectionState");

pRead.setDriverClassName("org.mariadb.jdbc.Driver");
pRead.setUrl("jdbc:mariadb:sequential:###");
pRead.setDefaultCatalog("###");
pRead.setUsername("###");
pRead.setPassword("###");

DataSource dsRead = new DataSource();
dsRead.setPoolProperties(pRead);

dsRead.setConnectionProperties("rewriteBatchedStatements=true");
dsRead.setConnectionProperties("allowMultiQueries=true");
dsRead.setConnectionProperties("verifyServerCertificate=false");// mysql
dsRead.setConnectionProperties("trustServerCertificate=true");// maria

dsRead.setConnectionProperties("useSSL=true");
dsRead.setConnectionProperties("requireSSL=true");
dsRead.setConnectionProperties("clientCertificateKeyStoreUrl=file:target/test-classes/client.p12");
dsRead.setConnectionProperties("clientCertificateKeyStorePassword=###");
dsRead.setConnectionProperties("serverSslCert=target/test-classes/server-cert.pem");
dsRead.setConnectionProperties("sslMode=trust");

Attachments

Activity

People

Assignee:: Diego Dupin

Reporter:: Pavel Cibulka

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2022-03-29 09:48

Updated:: 2022-05-18 08:02

Resolved:: 2022-05-13 15:18

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.