Fix extraneous use of connection string useSSL flag
#569
Conversation
Add template method allowing JDBCContainer subclasses to have a specific form of JDBC URL used for establishing Connections. Fixes #568
| @Override | ||
| protected String constructUrlForConnection(String queryString) { | ||
| String separator = queryString.contains("?") ? "&" : "?"; | ||
| return getJdbcUrl() + separator + "useSSL=false"; |
There was a problem hiding this comment.
You forgot the queryString . Probably should be getJdbcUrl() + queryString + separator + "useSSL=false". Or may be even
String url = super.constructUrlForConnection(queryString);
String separator = url.contains("?") ? "&" : "?";
return url + separator + "useSSL=false";
|
Doh, I’m a fool 😱. Thanks for the catch.
…On Wed, 31 Jan 2018 at 20:58 Nikita Salnikov-Tarnovski < ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In
modules/mysql/src/main/java/org/testcontainers/containers/MySQLContainer.java
<#569 (comment)>
:
> @@ -54,6 +54,12 @@ public String getJdbcUrl() {
return "jdbc:mysql://" + getContainerIpAddress() + ":" + getMappedPort(MYSQL_PORT) + "/" + databaseName;
}
+ @OverRide
+ protected String constructUrlForConnection(String queryString) {
+ String separator = queryString.contains("?") ? "&" : "?";
+ return getJdbcUrl() + separator + "useSSL=false";
You forgot the queryString. Probably should be getJdbcUrl() + queryString
+ separator + "useSSL=false". Or may be even
String url = super.constructUrlForConnection(queryString);
String separator = url.contains("?") ? "&" : "?";
return url + separator + "useSSL=false";
—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
<#569 (review)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAIET6Xf02H9jB6FndjSiZrsSKG2Ppwdks5tQNQEgaJpZM4R0nuo>
.
|
|
Did you consider the withDefaultQueryString approach? |
| * @return a Connection | ||
| * @throws SQLException if there is a repeated failure to create the connection | ||
| */ | ||
| public Connection createConnection(String queryString) throws SQLException { | ||
| final Properties info = new Properties(); | ||
| info.put("user", this.getUsername()); | ||
| info.put("password", this.getPassword()); | ||
| final String url = appendDisableSslConfig(this.getJdbcUrl() + queryString); | ||
| final String url = constructUrlForConnection(queryString); |
There was a problem hiding this comment.
I wonder if the real problem lies in line 145. I'm not a JDBC expert, but shouldn't we provide those flags in the Properties object, like info.setProperty("useSSL", "false");? AFAIK this would make this condfigs database driver implementation independent, at least regarding the way, the url is constructed.
I'm totally fine with this fix ATM, but I think we should refactor this part in a follow up, ideally once we've changed to the monorepo, so we can easily test for regressions.
There was a problem hiding this comment.
I got inspired by your comment, but after testing this with Hive-jdbc i got sad.
I'm not gonna force you into supporting each and every corner use case. Since it's implementation specific. Ergo I should probably submit a ticket to hive-jdbc developers.
But there is no guarantee that all information in info.properties will have affect. I assume that the reason is that most end-user applications accepts a String to make the connection, usually with user/pass fields, but not a key-value form for setting the info properties.
So the best bet is that parameters in ConnectionString will work and that info properties might work.
And just to show some of the horror with hive-jdbc connection string.
Hive JDBC URL: jdbc:hive2://:/dbName;sess_var_list?hive_conf_list#hive_var_list
schema:host:port/path;matrix?query#fragment
|
I would like to remind about the original problem and to call the power of YAGNI :) The problem was that using MySQL containers was inconvenient due to irrelevant ssl warnings. There is no feature requests for default query string nor for any new kind of connection configuration. So in my opinion the only thing that must be done here, is disable SSL in MySQL container. That's it. |
|
Original issue was that TC jdbc URL the useSSL parameter was ignored which it still will be during waitStrategy. |
|
No, it will not. During |
|
My point is that it won't use the parameter supplied in the TC jdbc URL, it will ignore it and add it's own. |
|
If I have it in my TC jdbc URL will it be added twice? |
|
@npetzall thanks - you were right about the parameter being added twice. I have added a simple check to prevent this, which works for now. In general I'd agree that the code in this area is not ideal; we still need to bring #357 back from the dead, so I hope we can do a bit of a general refactor and spring clean soon. |
Bumps [neo4j-java-driver](https://github.com/neo4j/neo4j-java-driver) from 1.7.2 to 1.7.3. <details> <summary>Commits</summary> - [`742d280`](neo4j/neo4j-java-driver@742d280) Merge pull request [#567](https://github-redirect.dependabot.com/neo4j/neo4j-java-driver/issues/567) from ali-ince/1.7-pass-access-mode - [`49ef4db`](neo4j/neo4j-java-driver@49ef4db) Fixing wrong file header - [`f66e194`](neo4j/neo4j-java-driver@f66e194) Merge pull request [#570](https://github-redirect.dependabot.com/neo4j/neo4j-java-driver/issues/570) from zhenlineo/1.7-flaky-test - [`5b58956`](neo4j/neo4j-java-driver@5b58956) Fixing the flaky test that is caused by certificate file changes. - [`f9a6fca`](neo4j/neo4j-java-driver@f9a6fca) Merge pull request [#569](https://github-redirect.dependabot.com/neo4j/neo4j-java-driver/issues/569) from michael-simons/fix-java-doc-trust-strategy - [`bc68f0f`](neo4j/neo4j-java-driver@bc68f0f) Merge pull request [#566](https://github-redirect.dependabot.com/neo4j/neo4j-java-driver/issues/566) from zhenlineo/1.7-hostname-for-sni - [`41949fc`](neo4j/neo4j-java-driver@41949fc) Fix JavaDoc of withTrustStrategy. - [`227c0fc`](neo4j/neo4j-java-driver@227c0fc) Fix test failure - [`11345c1`](neo4j/neo4j-java-driver@11345c1) Pass access mode as part of statement metadata - [`e9e5a93`](neo4j/neo4j-java-driver@e9e5a93) Fix some test failures due to changes to routing table procedure on read-repl... - Additional commits viewable in [compare view](neo4j/neo4j-java-driver@1.7.2...1.7.3) </details> <br /> [](https://dependabot.com/compatibility-score.html?dependency-name=org.neo4j.driver:neo4j-java-driver&package-manager=gradle&previous-version=1.7.2&new-version=1.7.3) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) If all status checks pass Dependabot will automatically merge this pull request. [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in the `.dependabot/config.yml` file in this repo: - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot. </details>
This is a proposed fix for #568, hopefully to release quickly.