bad_password test always passes

c-bik commented 6 years ago

======================== EUnit ========================
module 'erloci_test'
  erloci_test: db_negative_test_...*failed*
in function erloci_test:'-bad_password/1-fun-0-'/1 (c:/projects/git/K2InformaticsGmbH/erloci_nif/_build/test/lib/erloci/test/erloci_test.erl, line 60)
**error:{assertMatch,[{module,erloci_test},
              {line,60},
              {expression,"Res"},
              {pattern,"{ error , { 1017 , _ } }"},
              {value,{ok,#Ref<0.3155374366.2959474706.352>}}]}
  output:<<"">>

  erloci_test: db_negative_test_...ok
  erloci_test: db_test_...ok
  erloci_test: db_test_...ok
  erloci_test: db_test_...ok
  erloci_test: db_test_...ok
  erloci_test: db_test_...ok
  erloci_test: db_test_...ok
  erloci_test: db_test_...[0.219 s] ok
  erloci_test: db_test_...ok
  [done in 0.578 s]
=======================================================
  Failed: 1.  Skipped: 0.  Passed: 9.

c-bik commented 6 years ago

From Oracle docs of OCISessionPoolCreate()

Please note that a session pool may contain two types of connections to the database: direct connections and proxy connections. To make a proxy connection, a user must have Connect through Proxy privilege. When the session pool is created, the userid and password may or may not be specified. If these values are null, no proxy connections can exist in this pool. If mode is set to OCI_SPC_HOMOGENEOUS, no proxy connection can exist. A userid and password pair may also be specified through the authentication handle in the OCISessionGet() call. If this call is made with mode set to OCI_SESSGET_CREDPROXY, then the user is given a session that is authenticated by the userid provided in the OCISessionGet() call, through the proxy credentials supplied in the OCISessionPoolCreate() call. In this case, the password in the OCISessionGet() call is ignored. If OCISessionGet() is called with mode not set to OCI_SESSGET_CREDPROXY, then the user gets a direct session which is authenticated by the credentials provided in the OCISessionGet() call. If none have been provided in this call, the user gets a session authenticated by the credentials in the OCISessionPoolCreate() call.

mode (IN) The modes supported are OCI_DEFAULT - for a new session pool creation. OCI_SPC_HOMOGENEOUS - all sessions in the pool will be authenticated with the username and password passed to OCISessionPoolCreate(). The authentication handle (parameter authInfo) passed into OCISessionGet() is ignored in this case. Moreover, the sessMin and the SessIncr values are considered only in this case. No proxy session can be created in this mode.

... and from OCISessionGet()

authInfop (IN) Authentication Information handle to be used while getting the session. In the default and connection pooling cases, this handle can take all the attributes of the session handle. For session pooling, the authentication information handle is considered only if the session pool mode is not set to OCI_SPC_HOMOGENEOUS. In this case, this handle can have the following attributes set: OCI_ATTR_USERNAME OCI_ATTR_PASSWORD OCI_ATTR_INITIAL_CLIENT_ROLES

Need support for the following session creation combinations

[x] OCISessionPoolCreate without user/pass (OCI_DEFAULT) + OCISessionGet with authInfo parameter with user/pass
[ ] OCISessionPoolCreate with user/pass (OCI_SPC_HOMOGENEOUS) + OCISessionGet NULL authInfo parameter (without user/pass)

c-bik commented 5 years ago

Deprecated : OCI

K2InformaticsGmbH / oranif

bad_password test always passes #6