[JAVA-2740] Work around JDK bug that can cause SCRAM-SHA-1 authentication to intermittently fail Created: 22/Jan/18  Updated: 28/Oct/23  Resolved: 22/Jan/18

Status: Closed
Project: Java Driver
Component/s: Authentication
Affects Version/s: None
Fix Version/s: 3.6.2

Type: Improvement Priority: Minor - P4
Reporter: Jeffrey Yemin Assignee: Jeffrey Yemin
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Case:

 Description   

A JVM bug, originally reported in https://stackoverflow.com/questions/46971788/java-cipher-pbe-thread-safety-issue, can cause SCRAM-SHA-1 authentication to intermittently fail.

Synchronizing access to the java.security.Key instance used in com.mongodb.connection.ScramSha1Authenticator.ScramSha1SaslClient#hi has been demonstrated to be an effective workaround to the bug, as suggested in JDK-8055183

JDK bug links:



 Comments   
Comment by Githook User [ 22/Jan/18 ]

Author:

{'name': 'Jeff Yemin', 'email': 'jeff.yemin@10gen.com', 'username': 'jyemin'}

Message: JAVA-2740: Work around JDK bug that can cause SCRAM-SHA-1 authentication to intermittently fail, by synchronizing on the SecretKey in order to avoid premature finalization.

See https://bugs.openjdk.java.net/browse/JDK-8191177 for the bug report and https://bugs.openjdk.java.net/browse/JDK-8055183 for the suggested workaround
Branch: 3.6.x
https://github.com/mongodb/mongo-java-driver/commit/308c5fbd57af5d96b1e7c066912490e9a9d56841

Comment by Githook User [ 22/Jan/18 ]

Author:

{'name': 'Jeff Yemin', 'email': 'jeff.yemin@10gen.com', 'username': 'jyemin'}

Message: JAVA-2740: Work around JDK bug that can cause SCRAM-SHA-1 authentication to intermittently fail, by synchronizing on the SecretKey in order to avoid premature finalization.

See https://bugs.openjdk.java.net/browse/JDK-8191177 for the bug report and https://bugs.openjdk.java.net/browse/JDK-8055183 for the suggested workaround
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/32e00106716b354fb9ed9fa9bc5481a020919a5a

Generated at Thu Feb 08 08:57:58 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.