[jira] [Commented] (RANGER-4104) XXAuthSessionDao.getRecentAuthFailureCountByLoginId produces incorrect SQL code

Tue, 21 Feb 2023 11:46:10 -0800 


    [ 
https://issues.apache.org/jira/browse/RANGER-4104?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17691768#comment-17691768
 ] 

Madhan Neethiraj commented on RANGER-4104:
------------------------------------------

[~andrewluo] - I guess the fix is about following error logged in catalina.out 
file. This error seems to occur only when multiple login attempts are made 
simultaneously. Do you have repro details?
{noformat}
Caused by: Exception [EclipseLink-4002] (Eclipse Persistence Services - 
2.5.2.v20140319-9ad6abd): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLSyntaxErrorException: You have an error in your 
SQL syntax; check the manual that corresponds to your MariaDB server version 
for the right syntax to use near '))' at line 1
Error Code: 1064
Call: SELECT COUNT(?) FROM x_auth_sess t0 WHERE (((t0.LOGIN_ID = ?) AND 
(t0.AUTH_STATUS <> ?)) AND (t0.CREATE_TIME > COALESCE((SELECT 
MAX(t1.CREATE_TIME) FROM x_auth_sess t1 WHERE (((t1.LOGIN_ID = ?) AND 
(t1.AUTH_STATUS = ?)) AND (t1.CREATE_TIME > ?))),?,))
        bind => [7 parameters bound]
Query: ReportQuery(name="XXAuthSession.getRecentAuthFailureCountByLoginId" 
referenceClass=XXAuthSession sql="SELECT COUNT(?) FROM x_auth_sess t0 WHERE 
(((t0.LOGIN_ID = ?) AND (t0.AUTH_STATUS <> ?)) AND (t0.CREATE_TIME > 
COALESCE((SELECT MAX(t1.CREATE_TIME) FROM x_auth_sess t1 WHERE (((t1.LOGIN_ID = 
?) AND (t1.AUTH_STATUS = ?)) AND (t1.CREATE_TIME > ?))),?,))")
 {noformat}
 

About using TemporalType.DATE at the time of parameter binding, note that 
XXAuthSession.authTime is annotated with @Temporal(TemporalType.TIMESTAMP), as 
shown below. Would this not address the JPA spec?
{code:java}
        @Temporal(TemporalType.TIMESTAMP)
        @Column(name="AUTH_TIME"  , nullable=false )
        protected Date authTime = DateUtil.getUTCDate();
{code}
 

 

> XXAuthSessionDao.getRecentAuthFailureCountByLoginId produces incorrect SQL 
> code
> -------------------------------------------------------------------------------
>
>                 Key: RANGER-4104
>                 URL: https://issues.apache.org/jira/browse/RANGER-4104
>             Project: Ranger
>          Issue Type: Bug
>          Components: admin
>    Affects Versions: 3.0.0, 2.4.0
>            Reporter: Andrew Luo
>            Priority: Major
>         Attachments: 
> 0001-Fix-type-of-authWindowStartTime-parameter-in-XXAuthS.patch
>
>
> XXAuthSessionDao.getRecentAuthFailureCountByLoginId produces incorrect SQL 
> code due to an error in how the authWindowStartTime Date parameter is bound.
> It is currently bound with setParameter("authWindowStartTime", 
> authWindowStartTime) however, [JPA 2.2 Specification Section 
> 11.1.53|https://download.oracle.com/otn-pub/jcp/persistence-2_2-mrel-spec/JavaPersistence.pdf]
>  says that it should be bound by specifying an additional parameter 
> TemporalType.DATE.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to