[JEUS] standalone client에서 DB 컨넥션을 얻지 못하는 현상

본 포스팅은 stand-alone client에서 DB 컨넥션을 얻지 못하는 현상에 대해 알아 보겠습니다.

---

JEUS5.0.0.24 이상 버전에서 DB패스워드가 암호화 되어있을 경우, stand-alone client에서 DB 컨넥션을 얻지 못하는 현상으로, 해결방법은 JEUS5.0.0.26 이상(JEUS6는 JEUS6.0.0.4 이상)으로 패치 후, stand-alone client 실행 시 -Djeus.security.keypath 옵션을 적용하면 된다.

 

<JEUSMain.xml 파일>

...

<resource>

<data-source>

<database>

<vendor>oracle</vendor>

<export-name>datasource1</export-name>

<data-source-classname>

oracle.jdbc.pool.OracleConnectionPoolDataSource</data-source-class-name>

<database-name>ora10g</database-name>

<data-sourcename>

oracle.jdbc.pool.OracleConnectionPoolDataSource</data-source-name>

<port-number>1521</port-number>

<server-name>XXX.XXX.XXX.221</server-name>

<user>scott</user>

<driver-type>thin</driver-type>

<password>{DES}W1GOA/eh0qnx2K+QHMgPiA==</password>

<data-source-type>ConnectionPoolDataSource</data-source-type>

<connection-pool>

<pooling>

<min>6</min>

<max>10</max>

<step>2</step>

<period>600000</period>

</pooling>

<wait-free-connection>

<enable-wait>true</enable-wait>

…

 

<Client.java> 

import java.rmi.*;

import javax.naming.*;

import javax.rmi.*;

import java.util.*;

import java.sql.*;

import javax.sql.*;

public class Client

{

public static void main(String[] args)

{

try{

java.util.Hashtable ht = new java.util.Hashtable();

ht.put(javax.naming.Context.INITIAL_CONTEXT_FACTORY,

"jeus.jndi.JEUSContextFactory");

ht.put(javax.naming.Context.URL_PKG_PREFIXES, "jeus.jndi.jns.url");

ht.put(javax.naming.Context.PROVIDER_URL, "XXX.XXX.XXX.220:29936");

ht.put(javax.naming.Context.SECURITY_PRINCIPAL, "administrator");

ht.put(javax.naming.Context.SECURITY_CREDENTIALS, "jeusadmin");

Context ctx = new InitialContext(ht);

DataSource ds = null;

Connection con = null;

ds = (DataSource) ctx.lookup("datasource1");

con = ds.getConnection();

System.out.println("Con = " + con);

con.close();

}catch(Exception e){

e.printStackTrace();

}

}

}

<JEUS5.0.0.24이상 버전에서 Client.java 호출 시 Exception>

[2010.11.11 19:14:35][0][] [client-10] [JDBC-0099] fail to create a connection pool [datasource1]

javax.naming.NamingException: jeus.jdbc.connectionpool.ConnectionPoolException: fail to initialize pool [datasource1]

at jeus.jdbc.connectionpool.ConnectionPoolManager.innerCreateConnectionPool(ConnectionPoolManager.java:86)

at jeus.jdbc.connectionpool.ConnectionPoolManager.createConnectionPool(ConnectionPoolManager.java:53)

at jeus.jdbc.connectionpool.CPObjectFactory.getObjectInstance(CPObjectFactory.java:28)

at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:316)

at jeus.jndi.JNSContext.lookupInternal(JNSContext.java:564)

at jeus.jndi.JNSContext.lookup(JNSContext.java:524)

at jeus.jndi.JNSContext.lookup(JNSContext.java:513)

at jeus.jndi.JEUSFailoverContext.lookup(JEUSFailoverContext.java:197)

at javax.naming.InitialContext.lookup(InitialContext.java:363)

at Client.main(Client.java:23)

Caused by: jeus.jdbc.connectionpool.ConnectionPoolException: Failed to make the connection pool; exportname=[

datasource1]

at jeus.jdbc.connectionpool.ConnectionPool.initialize(ConnectionPool.java:313)

at jeus.jdbc.connectionpool.ConnectionPoolManager.innerCreateConnectionPool(ConnectionPoolManager.java:79)

... 9 more

Caused by: jeus.jdbc.connectionpool.JeusSQLException: Failed to create a new PooledConnection from [datasource1]

at jeus.jdbc.connectionpool.ConnectionPool.getPooledConnection(ConnectionPool.java:468)

at jeus.jdbc.connectionpool.ConnectionStore.createPooledConnection(ConnectionStore.java:341)

at jeus.jdbc.connectionpool.ConnectionStore.initStore(ConnectionStore.java:85)

at jeus.jdbc.connectionpool.ConnectionPool.initPool(ConnectionPool.java:398)

at jeus.jdbc.connectionpool.ConnectionPool.initialize(ConnectionPool.java:274)

... 10 more

Caused by: jeus.jdbc.connectionpool.JeusSQLException: Failed to create the new data source instance; exportname=[

datasource1]

at jeus.jdbc.connectionpool.ConnectionPool.getDataSource(ConnectionPool.java:325)

at jeus.jdbc.connectionpool.ConnectionPool.getPooledConnection(ConnectionPool.java:444)

... 14 more

Caused by: jeus.jdbc.datasource.DBDataSourceException: Failed to create the driver DataSource instance

at jeus.jdbc.datasource.DataSourceGenerator.getDataSource(DataSourceGenerator.java:110)

at jeus.jdbc.connectionpool.ConnectionPool.getDataSource(ConnectionPool.java:322)

... 15 more

Caused by: jeus.security.base.DecryptionException: [ERROR] can not decrypt password since secret key file path is not

initialized

at jeus.security.util.EncryptionUtil.decryptPassword(EncryptionUtil.java:681)

at jeus.security.util.EncryptionUtil.decryptPassword(EncryptionUtil.java:760)

at jeus.jdbc.datasource.DataSourceGenerator.getDataSource(DataSourceGenerator.java:52)

... 16 more

...

JEUS5.0.0.23 이전 버전의 경우, bind 할 때 password를 decryption하게 되는데, 이 때 secret.key file이 필요하며 JEUS가 그 위치를 알고 있으므로(manager 및 container에서 static하게 secret.key file의 위치를 초기화하여 가지고 있음) decryption이 가능하다. 

결국 stand-alone client는 lookup할 때, 이미 decryption되어 있는 password를 가지고 connection pool 구성 작업을 하기 때문에 문제가 없다.
JEUS5.0.0.24~JEUS5.0.0.25 버전의 경우, lookup할 때 password를 decryption하게 되는데, (bind할 때 encryption된 password가 그대로 올라감) JEUS에 deploy된 application의 경우는 JEUS가 secret.key file을 알고 있으므로 lookup시 decryption에 문제가 없다. 

그러나 stand-alone client는 lookup할 때, secret.key file의 위치를 알지 못하므로 decryption을 할 수 없기 때문에, 이 버전에서는 password를 encryption 할 경우 stand-alone client에서 connection pool을 구성할 수 없다.
JEUS5.0.0.26 이상 버전의 경우, JEUS5.0.0.24~JEUS5.0.0.25 버전의 단점을 보완하기 위해 -Djeus.security.keypath 옵션이 추가되었는데 (JEUS6는 JEUS6.0.0.4 에서 추가됨), secret.key file path를 설정하고 stand-alone client를 기동하면 stand-alone client가 lookup시 decryption을 할 수 있게 된다.

-Djeus.security.keypath=<security.key>

// security.key 파일의 위치(디렉토리 혹은 파일명까지 포함 가능) 지정

-Djeus.security.master=<master key password>

// security.key 파일이 암호화 된 경우 사용

고맙습니다.