Oracle JDBC 10.1.0.4 Does not Authenticate Correctly When Using Implicit Connection Cache.
(Doc ID 374536.1)
Last updated on MARCH 13, 2019
Applies to:JDBC - Version 10.1.0.4 to 10.1.0.4 [Release 10.1]
Information in this document applies to any platform.
While using implicit connection cache with an Oracle JDBC THIN driver 10.1.0.4.0 the password is not authenticated. The JDBC Driver does not check if the password is valid. Entering an incorrect password will result in the connection being accepted when a previous connection for that user was available.
Find attached a small test program "connCacheBug" that can be used to determine the occurrence of this bug. Before compiling and running the source make sure to change all connect details like usernames, passwords and URL's.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document