Hello again, it turns out that I found the issue and it was because of the PostgreSQL pg_hba.conf configuration. Connections over IPv4 were trusted, while IPv6 connections were set to "md5".
I’m not sure what exactly caused this behavior, but I assume that the Cayenne Modeler & IntelliJ were connecting over IPv4 while the framework was using IPv6. I’m not exactly sure, but I remember reading some article from years ago describing that the macOS resolver basically determines on its own if it should connect over IPv4 or IPv6 depending on some parameters it checks by itself (like latency). From analyzing netstat it looks like the tunnel is created on both protocols: tcp4 0 0 127.0.0.1.5432 *.* LISTEN tcp6 0 0 ::1.5432 *.* LISTEN Now connections over both protocols are trusted and the development environment works without a password (again). Best, Rafael > On 2019-04-09, at 11:20 AM, Juicy Cocktail <[email protected]> wrote: > > Hello, > > thanks for your feedback. I didn’t enter a password before, so this can’t be > a password caching issue. I’m not sure if there aren’t any other caches I’m > not aware of, but I wiped my local .m2 directory to make sure that there > aren’t any older dependencies / Cayenne configs lying around. I also killed & > re-created the SSH tunnel a couple of times and could consistently reproduce > this issue. > > The pg_hba.conf on the database server in the development environment trusts > connections from localhost and I’m actually connecting to localhost on my > workstation. Therefore there should be no password requirement at all, but I > still got an error message about a failed authentication because no password > was provided. > > What makes things sketchy is that our library has exactly the same connection > parameters as the IDE & the Cayenne Modeler, and both of them work in this > setup. This also used to work before I made an update to Cayenne & the > PostgreSQL driver, so maybe the latter changed some behavior. I’ll have to > investigate further. > > It’s not a big issue, because staging & production contain passwords. It’s > mainly an annoyance right now, and I need to know why things are how they are > :) > > Best, > Rafael > > > On 2019/09/03 13:16:21, Michael Gentry <[email protected]> wrote: >> Hi Rafael,> >> >> Wouldn't you still need to provide the credentials? Your SSH tunnel is> >> forwarding the bits to/from PostgreSQL, but your connection still needs to> >> login to the database.> >> >> Does Cayenne Modeler or IntelliJ have the password cached somewhere?> >> >> >> On Mon, Sep 2, 2019 at 1:34 AM Rafael Bugajewski <[email protected]>> >> wrote:> >> >>> Hello,> >>>> >>> I recently upgraded to Cayenne 4.1.B2 and I have the strange issue that my> >>> cayenne-project.xml isn’t working anymore. In my development environment I> >>> create a SSH tunnel to a machine inside the intranet. JDBC is configured >>> to> >>> connect to localhost. The relevant parts from cayenne-project.xml in the> >>> JAR look like this:> >>>> >>> <data-source>> >>> <driver value="org.postgresql.Driver"/>> >>> <url value="jdbc:postgresql://localhost:5432/www2"/>> >>> <connectionPool min="1" max="1"/>> >>> <login userName="www2"/>> >>> </data-source>> >>>> >>> This used to work without issues. The strange thing is that exactly the> >>> same connection still works in the Cayenne Modeler, and it also works in >>> my> >>> IDE (IntelliJ).> >>>> >>> A workaround for me was to add a password and configure it in Cayenne. But> >>> I’m wondering why the configuration suddenly stopped working and why it> >>> still works in Cayenne Modeler / IntelliJ. Any ideas?> >>>> >>> Best,> >>> Rafael> >>>> >>>>
