Oracle JDBC Does not Authenticate Correctly When Using Implicit Connection Cache.

(Doc ID 374536.1)

Last updated on OCTOBER 05, 2010

Applies to:

JDBC - Version: to - Release: 10.1 to 10.1
Information in this document applies to any platform.


While using implicit connection cache with an Oracle JDBC THIN driver the password is not authenticated. The JDBC Driver does not check if the password is valid. Entering an incorrect password will result in the connection being accepted when a previous connection for that user was available.

Find attached a small testprogram "connCacheBug" that can be used to determine the occurrence of this bug. Before compiling and running the source make sure to change all connect details like usernames, passwords and URL's.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms