Describe the feature

Today, the driver class only accepts URLs that start with jdbc:aws-wrapper:. I've hit some cases where this is a limitation. Could the class also accept "un-wrapped" schemes like jdbc:postgresql://?

Use Case

When using Apache Spark to read/write with JDBC, there are per-database dialects to map the database types from and to internal data types. For PostgreSQL, the dialect enables only when
URL starts with jdbc:postgresql://. Hence, it is not currently possible to use jdbc:aws-wrapper:postgresql with the Apache Spark and JDBC.

However, Apache Spark supports setting the driver class name explicitly: i.e., we can pass software.amazon.jdbc.Driver. If this driver class accepted regular URLs, it would thus be possible to use the JDBC source/sink with a postgresql:// URL and the AWS JDBC wrapper.

Proposed Solution

• Accepting jdbc:postgresql:// or similar in software.amazon.jdbc.Driver would be a good first step.
• Overall, it'd be useful to be able to use the wrapper with the standard schemes - i.e., have some way to have the wrapper register itself at jdbc:postgresql:// directly. This would also help with integration in other systems.

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

The AWS Advanced JDBC Driver version used

1.0.0

JDK version used

1.11

Operating System and version

Amazon Linux 2

Describe the bug

When using aws-advanced-jdbc-wrapper with IAM authentication plugin and the Postgres driver to access my Aurora Postgres database, the performance of my application drops by 10x compared to using the org.postgresql.Driver with password authentication. This issue is observed when running k6 tests, and the throughput drops from 850 messages per second to ~85 when using IAM authentication.

Code Snippets
Using AwsWrapperDataSource with IAM authentication:

    AwsWrapperDataSource dataSource = new AwsWrapperDataSource();
    dataSource.setJdbcProtocol(AWS_JDBC_POSTGRESQL_DRIVER_PROTOCOL);

    dataSource.setDatabasePropertyName(DATABASE_PROPERTY_NAME);
    dataSource.setServerPropertyName(SERVER_PROPERTY_NAME);
    dataSource.setPortPropertyName(PORT_PROPERTY_NAME);

    dataSource.setTargetDataSourceClassName("org.postgresql.ds.PGSimpleDataSource");

    Properties targetDataSourceProps = new Properties();
    targetDataSourceProps.setProperty(SERVER_PROPERTY_NAME, url);
    targetDataSourceProps.setProperty(DATABASE_PROPERTY_NAME, databaseName);
    targetDataSourceProps.setProperty(PORT_PROPERTY_NAME, port);
    targetDataSourceProps.setProperty(PropertyDefinition.PLUGINS.name, "iam");
    targetDataSourceProps.setProperty(PropertyDefinition.USER.name, username);
    dataSource.setTargetDataSourceProperties(targetDataSourceProps);
    return dataSource;

Using org.postgresql.Driver with password authentication:

public DataSource getDataSourceWithPasswordAuth() {
    DataSourceBuilder dataSourceBuilder = DataSourceBuilder.create();
    dataSourceBuilder.driverClassName(POSTGRESQL_DRIVER);
    dataSourceBuilder.url(url);
    dataSourceBuilder.username(username);
    dataSourceBuilder.password(password);
    return dataSourceBuilder.build();
}

Expected Behavior

The performance of the application when using aws-advanced-jdbc-wrapper with IAM plugin should be comparable to the performance when using the org.postgresql.Driver with password authentication.

What plugins are used? What other connection properties were set?

IAM

Current Behavior

The application's performance drops significantly when using aws-advanced-jdbc-wrapper with IAM authentication plugin compared to using org.postgresql.Driver with password authentication.

Reproduction Steps

1. Implement two separate configurations for database connections, one returning a AwsWrapperDataSource with IAM authentication plugin and another using org.postgresql.Driver with password authentication. (See the code snippets above)
2. Run performance tests that access the database on the application.
3. Observe that the throughput drops

Possible Solution

Is it possible/recommended to use connection pooling with the IAM plugin when using AwsWrapperDataSource to improve performance? If yes, how can it be implemented, and could an example be included with the IAM auth example?

Additional Information/Context

No response

The AWS Advanced JDBC Driver version used

2.1.1

JDK version used

17.0.7

Operating System and version

Amazon Linux 2

Describe the feature

When running deployments using the JDBC wrapper against auto-scaling enabled clusters, we have observed that when the cluster scales up, all the existing connections remain with the instances that they were attached to and the new instances added by auto-scaling are never utilized.

Given that we are able to track cluster topology changes over time and we are able to determine which connections are currently active, it should be possible to add support for re-balancing connections across read replicas in scale up and down events.

Use Case

When running our deployments with the vanilla jdbc driver configuration, scale up events seem to get a relatively even distribution of connections/requests across all the nodes in the autoscaling group (including new nodes that were provisioned when the cluster is under load). The downside is this requires us to run very aggressive health checks to ensure that when the cluster scales down the read replica pool, our deployments are able to quickly detect when their connections to the cluster are dead and re-establish them. This polling approach does result in failed requests in down scaling scenarios and therefore this limits the use-cases to background jobs that are able to resume when some subset of DB requests fail.

In a ideal scenario, knowledge of the cluster topology changes should enhance the application's ability to move inactive connections during auto-scaling events. Especially in the case of high throughput, low latency requests, this would enable the cluster to accommodate the needs of the applications that rely on application-level auto-scaling (horizontal pod auto-scaling).

Proposed Solution

One idea would be to assign connections to a read-only endpoint across all the reader instances in a round robin fashion. Then periodically re-evaluate the cluster topology and when a scale up/down event occurs, gracefully rebalance the connections that are not currently in use across the latest state of the cluster.

An additional measure to mitigate downtime during scale down events could be to pin a percentage of the connections in a connection pool to the fixed instances in the cluster, this way a subset of connections is guaranteed to be available to the application for ongoing requests. While this may temporarily limit throughput, it ensures that the connections left for auto-scaling are able to readily move to new nodes to take load off of the fixed instances.

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

The AWS Advanced JDBC Driver version used

1.0.0

JDK version used

jdk-17.0.5+8

Operating System and version

Ubuntu 20.04

Many actions have been deprecated

Node.js 12 actions are deprecated. Please update the following actions to use Node.js 16: actions/checkout@v2, actions/setup-java@v1, crazy-max/ghaction-import-gpg@v4. For more information see: https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/.

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/d11a866e4616e24e90703ffff32b065f5e083b97/wrapper/src/main/resources/messages.properties#L37

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/d11a866e4616e24e90703ffff32b065f5e083b97/wrapper/src/main/java/software/amazon/jdbc/hostlistprovider/AuroraHostListProvider.java#L161

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/4b166ede0c06bceec22da6280754d3ab710881ab/wrapper/src/main/java/software/amazon/jdbc/plugin/staledns/AuroraStaleDnsHelper.java#L87

All dialects should support isReadOnly.

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/4bd2b277b04686667cf14e64d9d161842d752fe4/wrapper/src/test/java/integration/refactored/container/tests/HikariTests.java#L156

Investigate hanging test testFailoverLostConnection. Test Disabled on MariaDB for now

Description

• Implement a default profile in which plugins and ordering are optimal to improve the "out of the box" experience.

Design

If no wrapper plugin codes were specified as part of the configuration parameters, the driver will use a default list of plugin codes:
https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/wrapper/src/main/java/software/amazon/jdbc/ConnectionPluginManager.java#L175

This list is currently empty but we propose to include the following plugins:

• auroraConnectionTracker, a new plugin to track opened connections and handle impacted connections after a failover. It is pending to be merged in PR #298
• failover
• efm

We are looking at using the aws jdbc wrapper w/ aurora postgres to improve our database failovers but during some testing we are encountering some runtime exceptions w/ wrapper classes when we call getObject on a query results

ex:

Caused by: java.lang.RuntimeException: No wrapper class exists for 'org.postgresql.jdbc.PgArray'.
	at software.amazon.jdbc.util.WrapperUtils.wrapWithProxyIfNeeded(WrapperUtils.java:268)
	at software.amazon.jdbc.util.WrapperUtils.executeWithPlugins(WrapperUtils.java:228)
	at software.amazon.jdbc.wrapper.ResultSetWrapper.getObject(ResultSetWrapper.java:708)
...Truncated irrelevant stack

Describe the feature

For postgres-like databases, Hibernate ORM uses driver name obtained via DatabaseMetaData::getDriverName to determine driver kind, which affects the way advanced types are handled. Would id be possible to allow passthrough of the underlying driver name in certain situations?

https://github.com/hibernate/hibernate-orm/blob/main/hibernate-core/src/main/java/org/hibernate/dialect/PostgreSQLDriverKind.java#L27
https://github.com/hibernate/hibernate-orm/blob/6.2/hibernate-core/src/main/java/org/hibernate/dialect/PostgreSQLDialect.java#L1342

Use Case

I'd like to be able to configure wrapped driver to use original driver name, so that hibernate correctly recognises it and enables native support for advanced types.

Proposed Solution

Perhaps an additional property could be defined to enable driver-name passthrough from the wrapped driver?

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

The AWS Advanced JDBC Driver version used

1.0.1

JDK version used

Temurin-17.0.6+10

Operating System and version

macOS 13.2.1

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/23ce5ef140b5c3622ce86e84d23bc2eb2c247dac/benchmarks/src/jmh/java/software/amazon/jdbc/benchmarks/PluginBenchmarks.java#L143

See https://hg.openjdk.java.net/code-tools/jmh/file/2be2df7dbaf8/jmh-samples/src/main/java/org/openjdk/jmh/samples/JMHSample_08_DeadCode.java#l73

For examples.
Alternatively use BlackHole.consume()

void functions should pass a blackhole object to the function

Describe the feature

Currently jdbc scheme's are hard coded to postgres and mysql. Remove hard coded schemes in favour of a dialect

Use Case

no support for mariadb

Proposed Solution

use a dialect to figure out which one to load

Other Information

#342

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

The AWS Advanced JDBC Driver version used

Latest

JDK version used

1.8

Operating System and version

any

Describe the bug

Internal connection pooling does not work with Read-Write Splitting Plugin when cluster url is used.

Expected Behavior

• Perform internal connection pooling also when aurora cluster url is used in the jdbc url.
• Cluster topology is discovered by the driver and connections are opened to the available reader and writer instances.
• Read and write connection are kept in dedicated connection pools

What plugins are used? What other connection properties were set?

readWriteSplitting

Current Behavior

Application startup logs when cluster url is used

Redacted url: jdbc:aws-wrapper:postgresql://us-dev-pg-cluster.cluster-xxxxxxxxxx.us-east-1.rds.amazonaws.com/xxxxxxx

15:47:41.386 [main] INFO  o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.1.7.Final - {} 
15:47:41.798 [main] INFO  o.h.jpa.internal.util.LogHelper - HHH000204: Processing PersistenceUnitInfo [name: default] - {} 
15:47:41.854 [main] INFO  org.hibernate.Version - HHH000412: Hibernate ORM core version 5.4.33 - {} 
15:47:42.009 [main] INFO  o.h.annotations.common.Version - HCANN000001: Hibernate Commons Annotations {5.1.2.Final} - {} 
15:47:44.556 [main] INFO  org.hibernate.dialect.Dialect - HHH000400: Using dialect: infra.db.boundary.CustomPostgresqlDialect - {} 
15:47:46.687 [main] WARN  org.hibernate.cfg.AnnotationBinder - HHH000491: The [createdBy] association in the [features.commerceorders.entity.Status] entity uses both @NotFound(action = NotFoundAction.IGNORE) and FetchType.LAZY. The NotFoundAction.IGNORE @ManyToOne and @OneToOne associations are always fetched eagerly. - {} 
15:47:48.782 [main] INFO  o.h.e.t.j.p.i.JtaPlatformInitiator - HHH000490: Using JtaPlatform implementation: [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform] - {} 
15:47:48.786 [main] INFO  o.s.o.j.LocalContainerEntityManagerFactoryBean - Initialized JPA EntityManagerFactory for persistence unit 'default' - {} 

Application startup logs when instance url is used

Redacted url: jdbc:aws-wrapper:postgresql://backenddevusstoragestack-databas-auroradbinstance1-jjaw8nsn0cul.xxxxxxxxxx.us-east-1.rds.amazonaws.com/xxxxxxxx

15:50:45.312 [main] INFO  o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.1.7.Final - {} 
15:50:45.716 [main] INFO  o.h.jpa.internal.util.LogHelper - HHH000204: Processing PersistenceUnitInfo [name: default] - {} 
15:50:45.758 [main] INFO  org.hibernate.Version - HHH000412: Hibernate ORM core version 5.4.33 - {} 
15:50:45.878 [main] INFO  o.h.annotations.common.Version - HCANN000001: Hibernate Commons Annotations {5.1.2.Final} - {} 
15:50:46.100 [main] INFO  com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting... - {} 
15:50:47.938 [main] INFO  com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed. - {} 
15:50:48.768 [main] INFO  org.hibernate.dialect.Dialect - HHH000400: Using dialect: infra.db.boundary.CustomPostgresqlDialect - {} 
15:50:51.060 [main] WARN  org.hibernate.cfg.AnnotationBinder - HHH000491: The [createdBy] association in the [features.commerceorders.entity.Status] entity uses both @NotFound(action = NotFoundAction.IGNORE) and FetchType.LAZY. The NotFoundAction.IGNORE @ManyToOne and @OneToOne associations are always fetched eagerly. - {} 
15:50:53.565 [main] INFO  o.h.e.t.j.p.i.JtaPlatformInitiator - HHH000490: Using JtaPlatform implementation: [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform] - {} 
15:50:53.573 [main] INFO  o.s.o.j.LocalContainerEntityManagerFactoryBean - Initialized JPA EntityManagerFactory for persistence unit 'default' - {} 

Reproduction Steps

• Use cluster url in the connection string
• Set plugins to either auroraHostList,readWriteSplitting or readWriteSplitting,failover,efm
• Startup the application

Possible Solution

HikariPooledConnectionProvider works only for urls of type RdsUrlType.RDS_INSTANCE, but RDS_WRITER_CLUSTER url is supplied by the wrapper.

Additional Information/Context

The behavior is identical no matter what set of plugins I use, be it readWriteSplitting,failover,efm or auroraHostList,readWriteSplitting

The AWS Advanced JDBC Driver version used

2.1.2

JDK version used

17.0.7

Operating System and version

Linux pop-os 6.2.6-76060206-generic #202303130630168375320722.04~77c1465 SMP PREEMPT_DYNAMIC Wed M x86_64 x86_64 x86_64 GNU/Linux

Why do we need wrapperUserName and wrapperPassword, etc? Why don't we just pass the properties to the underlying driver ?

Describe the bug

IamAuthConnectionPlugin will generate a wrong token if set up MYSQL_CONNECTION_STRING with non-default port such as 23306.
The port 23306 come from SSH port forwarding like below.

local_port=23306
remote_port=3306
ssh -fNL ${local_port}:${db_host}:${remote_port} ${login_user}@${gateway_host}

sample code:

package software.amazon;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Properties;
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
import software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider;
import software.amazon.awssdk.auth.credentials.SystemPropertyCredentialsProvider;
import software.amazon.jdbc.AwsWrapperProperty;
import software.amazon.jdbc.PropertyDefinition;
import software.amazon.jdbc.authentication.AwsCredentialsManager;
import software.amazon.jdbc.plugin.IamAuthConnectionPlugin;

public class AwsIamAuthenticationMysqlExample {
  public static final String MYSQL_CONNECTION_STRING =
      "jdbc:aws-wrapper:mysql://127.0.0.1:23306";
  private static final String USERNAME = "iam-db-auth-user";

  public static void main(String[] args) throws SQLException {

    final Properties properties = new Properties();

    // Enable AWS IAM database authentication and configure driver property values
    properties.setProperty(PropertyDefinition.PLUGINS.name, "iam");
    properties.setProperty(PropertyDefinition.USER.name, USERNAME);
    properties.setProperty(IamAuthConnectionPlugin.IAM_HOST.name, "my-aurora-cluster.cluster-xxxxxxxx.ap-northeast-1.rds.amazonaws.com");
    properties.setProperty(IamAuthConnectionPlugin.IAM_DEFAULT_PORT.name, "3306");
    properties.setProperty(IamAuthConnectionPlugin.IAM_REGION.name, "ap-northeast-1");

    // Attempt a connection
    try (Connection conn = DriverManager.getConnection(MYSQL_CONNECTION_STRING, properties);
        Statement statement = conn.createStatement();
        ResultSet result = statement.executeQuery("select 1")) {

      System.out.println(Util.getResult(result));
    }
  }
}

IamAuthConnectionPlugin will generate token using following parameters:

• database host: my-aurora-cluster.cluster-xxxxxxxx.ap-northeast-1.rds.amazonaws.com
• database port: 23306 from MYSQL_CONNECTION_STRING
• database region: ap-northeast-1
• database user: iam-db-auth-user

Expected Behavior

IamAuthConnectionPlugin will generate proper token.

What plugins are used? What other connection properties were set?

iam

Current Behavior

IamAuthConnectionPlugin generates wrong token and fails database authentication.

Reproduction Steps

1. Clone this repository
2. Build examples/AWSDriverExample/src/main/java/software/amazon/AwsIamAuthenticationMysqlExample
3. Paste sample code the above to AwsIamAuthenticationMysqlExample.java
4. Run main
   • Set credentials as you like. (I use environment variables AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)

Possible Solution

Define new property such as IAM_PORT to overwrite port from hostSpec.

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/9be3a6a49a81118c294052e62dd0fd64cac9e426/wrapper/src/main/java/software/amazon/jdbc/plugin/IamAuthConnectionPlugin.java#L111

Additional Information/Context

I want to use aws-advances-jdbc-wrapper with DBeaver.
Because I found this sentence here

But I cannot find documents about DBeaver configuration in this repository.

The AWS Advanced JDBC Driver version used

2.1.2

JDK version used

17

Operating System and version

Debian GNU/Linux sid

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/e07e5143e4eefbfad28e2bb335b6320d85b5ad75/wrapper/src/main/java/software/amazon/jdbc/wrapper/DatabaseMetaDataWrapper.java#L1789

This code will attempt to create a connection with the current connection and the pluginManager as args. The constructor in ConnectionWrapper does not exist

Has anyone tried https://gist.github.com/kenshih/6c5c3bc74bcf2adb2d6d880428addc6d on this driver.

This is the code from awslabs/aws-mysql-jdbc#196

Describe the feature

I'd like an method to return the underlying ResultSet which can be used to directly access the returned rows. This could be used in cases where a bunch of fields are being read and the overhead from all the wrapping isn't needed.

Use Case

Based on some performance testing, using this jdbc wrapper around our postgres caused our CPU usage to increase by about 100%. The majority of the costs seem to come from the calls to ResultSet.getLong, ResultSet.getBoolean, etc since we call these many times for each record returned and some queries return thousands of rows.

Proposed Solution

I'd like an method to return the underlying ResultSet e.g.

public ResultSet getRawResultSet() {
  return this.resultSet;
}

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

The AWS Advanced JDBC Driver version used

1.0.1

JDK version used

17.0.6

Operating System and version

Linux x64 on AWS

Describe the feature

This morning I ran into a production issue that I believe was related to this library and the failover plugin specifically. We have an RDS Aurora cluster with a reader and writer node. We typically use the reader node to offload read-only traffic from the writer node (ie. to support UI workflows). As such, our reader node is 2-4 times the size of a writer node.

We ran into a situation where our reader node got overwhelmed and temporarily refused DB connections. This situation caused the failover plugin to attempt a reader failover and since the reader node was refusing DB connections the writer node won the connection race. Unfortunately the overwhelming read load ended up spilling over to the writer node, where it overloaded the writer node, and finally broke critical workloads.

Prior to using this JDBC driver we would rely on the RDS Aurora cluster endpoints, which would remain consistent with the underlying database topology and didn't change when a DB instance was under heavy load.
I understand that this behavior is documented and frankly I see a use case for having read traffic failover to the writer node.

Having said that I think it would be useful to have an option for reader failover to respect the topology in a similar manner to how writer failover works. In this mode read-only connections would only be made to the writer node if and only if it was the only remaining host in the topology.

For our team we specifically write our applications to leverage read replicas because we don't want to overwhelm the writer node since it is a finite resource (relative to readers) that can only scale vertically.

Use Case

We use read replicas to offload traffic from our writer node. It is not acceptable for us to send overflow read traffic to our writer nodes. We would like to pin read traffic to reader nodes as long as they exist in the topology.

Proposed Solution

I suggest adding a feature flag to the failover plugin like strictFailover or strictReaderFailover which ensures that reader failover respects the topology and only fails over to a writer node if it is the last resort.

Other Information

Happy to submit a PR.

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

The AWS Advanced JDBC Driver version used

1.0.0

JDK version used

JDK 11

Operating System and version

Ubuntu

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/e07e5143e4eefbfad28e2bb335b6320d85b5ad75/wrapper/src/main/java/software/amazon/jdbc/plugin/DefaultConnectionPlugin.java#L155

I don't think this will deal with things like /* some comment*/ BEGIN
or /* some comment */ START TRANSACTION;

Describe the bug

Persisting JSON data with the wrapper throws an PSQLException:

Caused by: org.postgresql.util.PSQLException: ERROR: column "jsonstring" is of type jsonb but expression is of type character varying
  Hint: You will need to rewrite or cast the expression.
  Position: 79
  Location: File: parse_target.c, Routine: transformAssignedExpr, Line: 785
  Server SQLState: 42804
	at org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2676)
	at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:2366)
	at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:356)
	at org.postgresql.jdbc.PgStatement.executeInternal(PgStatement.java:496)
	at org.postgresql.jdbc.PgStatement.execute(PgStatement.java:413)
	at org.postgresql.jdbc.PgPreparedStatement.executeWithFlags(PgPreparedStatement.java:190)
	at org.postgresql.jdbc.PgPreparedStatement.executeUpdate(PgPreparedStatement.java:152)
	at software.amazon.jdbc.wrapper.PreparedStatementWrapper.lambda$executeUpdate$17(PreparedStatementWrapper.java:253)
	at software.amazon.jdbc.plugin.DefaultConnectionPlugin.execute(DefaultConnectionPlugin.java:98)
	at software.amazon.jdbc.ConnectionPluginManager.lambda$execute$3(ConnectionPluginManager.java:329)
	at software.amazon.jdbc.ConnectionPluginManager.lambda$makePluginChainFunc$0(ConnectionPluginManager.java:269)
	at software.amazon.jdbc.ConnectionPluginManager.executeWithSubscribedPlugins(ConnectionPluginManager.java:251)
	at software.amazon.jdbc.ConnectionPluginManager.execute(ConnectionPluginManager.java:326)
	at software.amazon.jdbc.util.WrapperUtils.executeWithPlugins(WrapperUtils.java:226)
	at software.amazon.jdbc.wrapper.PreparedStatementWrapper.executeUpdate(PreparedStatementWrapper.java:247)
	at org.hibernate.engine.jdbc.internal.ResultSetReturnImpl.executeUpdate(ResultSetReturnImpl.java:197)
	... 20 more

Expected Behavior

No exceptions. Same code works fine with the community Postgres driver.

What plugins are used? What other connection properties were set?

None

Current Behavior

PSQLException

Reproduction Steps

Add the following files to a Java project and run TestJsonHibernate.java.

Disclaimer: since the error was first seen by running the Hibernate ORM test suite, part of the code snippets below are derived from some of that test code, including EntityWithJson and StringNode.

TestJsonHibernate.java

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.annotations.JdbcTypeCode;
import org.hibernate.cfg.Configuration;
import org.hibernate.type.SqlTypes;
import jakarta.persistence.Entity;
import jakarta.persistence.Id;
import jakarta.persistence.Table;

public class TestJsonHibernate {

  private static final String create = "CREATE TABLE IF NOT EXISTS EntityWithJson\n"
      + "(\n"
      + "    id INTEGER NOT NULL,\n"
      + "    jsonString jsonb,\n"
      + "    list jsonb,\n"
      + "    objectMap jsonb,\n"
      + "    payload jsonb,\n"
      + "    primary key (id)\n"
      + ")";

  public static void main(String[] args) throws SQLException {
    try (Connection connection = DriverManager.getConnection("jdbc:aws-wrapper:postgresql://cluster-domain/db", "user", "pass");
        Statement statement = connection.createStatement()) {
      statement.executeUpdate(create);
    }

    Configuration configuration = new Configuration();
    configuration.configure("hibernate.cfg.xml");
    configuration.addAnnotatedClass(EntityWithJson.class);

    // Create Session Factory
    SessionFactory sessionFactory = configuration.buildSessionFactory();

    // Initialize Session Object
    Session session = sessionFactory.openSession();

    Map<String, String> stringMap = Map.of("name", "ABC");
    Map<StringNode, StringNode> objectMap = Map.of(new StringNode("name"), new StringNode("ABC"));
    List<StringNode> list = List.of(new StringNode("ABC"));
    String json = "{\"name\":\"abc\"}";

    EntityWithJson entity = new EntityWithJson(3, stringMap, objectMap, list, json);

    session.beginTransaction();
    session.persist(entity);
    session.getTransaction().commit();
  }

  @Entity(name = "EntityWithJson")
  @Table(name = "EntityWithJson")
  public static class EntityWithJson {

    @Id
    private Integer id;

    @JdbcTypeCode(SqlTypes.JSON)
    private Map<String, String> payload;

    @JdbcTypeCode(SqlTypes.JSON)
    private Map<StringNode, StringNode> objectMap;

    @JdbcTypeCode(SqlTypes.JSON)
    private List<StringNode> list;

    @JdbcTypeCode(SqlTypes.JSON)
    private String jsonString;

    public EntityWithJson() {
    }

    public EntityWithJson(
        Integer id,
        Map<String, String> payload,
        Map<StringNode, StringNode> objectMap,
        List<StringNode> list,
        String jsonString) {
      this.id = id;
      this.payload = payload;
      this.objectMap = objectMap;
      this.list = list;
      this.jsonString = jsonString;
    }
  }

  public static class StringNode {

    private String string;

    public StringNode() {
    }

    public StringNode(String string) {
      this.string = string;
    }

    public String getString() {
      return string;
    }

    public void setString(String string) {
      this.string = string;
    }

    @Override
    public boolean equals(Object o) {
      if (this == o) {
        return true;
      }
      if (o == null || getClass() != o.getClass()) {
        return false;
      }

      StringNode that = (StringNode) o;

      return Objects.equals(string, that.string);
    }

    @Override
    public int hashCode() {
      return string != null ? string.hashCode() : 0;
    }
  }
}

JacksonJsonFormatMapper.java

https://github.com/hibernate/hibernate-orm/blob/2ca0e1042952dbb3f80cecde9af87ddb0bc34cea/hibernate-core/src/main/java/org/hibernate/type/jackson/JacksonJsonFormatMapper.java

hibernate.config.xml

<?xml version = "1.0" encoding = "utf-8"?>
<!DOCTYPE hibernate-configuration PUBLIC
  "-//Hibernate/Hibernate Configuration DTD 3.0//EN"
  "http://www.hibernate.org/dtd/hibernate-configuration-3.0.dtd">
<hibernate-configuration>
  <session-factory>
    <property name="hibernate.connection.url">
      <!--      jdbc:postgresql://cluster-domain/db-->
      jdbc:aws-wrapper:postgresql://cluster-domain/db
    </property>
    <property name="hibernate.connection.username">foo</property>
    <property name="hibernate.connection.password">bar</property>
    <property name="hibernate.connection.driver_class">software.amazon.jdbc.Driver</property>
    <!--    <property name="hibernate.connection.driver_class">org.postgresql.Driver</property>-->
    <property name="hibernate.show_sql">true</property>
  </session-factory>
</hibernate-configuration>

Possible Solution

No response

Additional Information/Context

No response

The AWS Advanced JDBC Driver version used

1.0.1

JDK version used

11

Operating System and version

Windows 11 & Ubuntu

Describe the feature

The IAM authentication plugin currently uses the DefaultCredentialsProvider. It would be great if there were a way to customise this.

Use Case

This would be useful in cases where we need to use a role assumed through STS to do the IAM auth.

Proposed Solution

The connection string could take a parameter specifying the name of a user-defined factory class to use to provide the AwsCredentialsProvider. There might also need to be a mechanism to pass some configuration to that factory class, eg. through a second parameter.

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

The AWS Advanced JDBC Driver version used

1.0.0

JDK version used

N/A

Operating System and version

N/A

Describe the issue

For datasources documentation it is also good to mention about RDS proxy.

See Failover section of rds proxy docs

For applications that maintain their own connection pool, going through RDS Proxy means that most connections stay alive during failovers or other disruptions. Only connections that are in the middle of a transaction or SQL statement are canceled. RDS Proxy immediately accepts new connections. When the database writer is unavailable, RDS Proxy queues up incoming requests.

For applications that don't maintain their own connection pools, RDS Proxy offers faster connection rates and more open connections. It offloads the expensive overhead of frequent reconnects from the database. It does so by reusing database connections maintained in the RDS Proxy connection pool. This approach is particularly important for TLS connections, where setup costs are significant.

I also have follow up questions regarding this:

1. So does this mean, I should not create connection pool inside java application?
2. RDS proxy pool is internal inside vpc as I understand, so how will we create datasource in this case?

Please help me clarifying about rds proxy and is it safe to use any kind of connection pool like hikari or tomcat pool.

Links

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/DataSource.md

I couldn't find any information if it is possible to use this wrapper by tomcat xml configuration only but tried anyway. After a lot of trial and error I'm stuck now and would kindly ask for help.

I'm trying to connect my java application (Liferay) running on a tomcat 9.0.67 in an EKS 1.24.7 cluster with an Aurora PostgreSQL 11.13. My database configuration is done in tomcat/conf/Catalina/localhost/ROOT.xml and looks like this:

<Context crossContext="true">
    ...
    <Resource name="jdbc/LiferayPool"
              auth="Container"
              type="software.amazon.jdbc.ds.AwsWrapperDataSource"
              factory="software.amazon.jdbc.ds.AwsWrapperDataSourceFactory"
              driverClassName="software.amazon.jdbc.Driver"
              jdbcUrl="jdbc:aws-wrapper:postgresql://${jdbc.host}/${jdbc.database}?sslmode=require"
              user="-"
              password="-"
              wrapperPlugins="awsSecretsManager"
              secretsManagerSecretId="liferay-db-secrets"
              secretsManagerRegion="eu-central-1"
              targetDataSourceClassName="org.postgresql.ds.PGSimpleDataSource"
              jdbcProtocol="jdbc:postgresql:"
              serverPropertyName="serverName"
              portPropertyName="port"
              urlPropertyName="jdbcUrl"
              databasePropertyName="databaseName"
              connectionTimeout="30000"
              idleTimeout="600000"
              maxLifetime="1800000"
              connectionTestQuery="SELECT 1"
              minimumIdle="10"
              maxTotal="30"
              maximumPoolSize="40"
              registerMbeans="true"
    />
</Context>

and I have the following dependencies as jar files in my tomcat/lib/ext directory:

com.fasterxml.jackson.core:jackson-annotations:2.14.1
com.fasterxml.jackson.core:jackson-core:2.14.1
com.fasterxml.jackson.core:jackson-databind:2.14.1
org.reactivestreams:reactive-streams:1.0.4
org.slf4j:slf4j-api:2.0.6
software.amazon.awssdk:auth:2.19.13
software.amazon.awssdk:aws-core:2.19.13
software.amazon.awssdk:aws-json-protocol:2.19.13
software.amazon.awssdk:aws-query-protocol:2.19.13
software.amazon.awssdk:endpoints-spi:2.19.13
software.amazon.awssdk:http-client-spi:2.19.13
software.amazon.awssdk:json-utils:2.19.13
software.amazon.awssdk:metrics-spi:2.19.13
software.amazon.awssdk:profiles:2.19.13
software.amazon.awssdk:protocol-core:2.19.13
software.amazon.awssdk:rds:2.19.13
software.amazon.awssdk:regions:2.19.13
software.amazon.awssdk:sdk-core:2.19.13
software.amazon.awssdk:secretsmanager:2.19.13
software.amazon.awssdk:sts:2.19.13
software.amazon.awssdk:third-party-jackson-core:2.19.13
software.amazon.awssdk:url-connection-client:2.19.13
software.amazon.awssdk:utils:2.19.13
software.amazon.jdbc:aws-advanced-jdbc-wrapper:1.0.0

My problem is, that I cannot omit (or provide an empty string for) the two attributes "user" and "password", as I receive the following exception if I do:

12-Jan-2023 06:51:30.837 WARNING [main] org.apache.naming.NamingContext.lookup Unexpected exception resolving reference
        java.lang.NullPointerException
                at software.amazon.jdbc.ds.AwsWrapperDataSourceFactory.getObjectInstance(AwsWrapperDataSourceFactory.java:58)
                at org.apache.naming.factory.FactoryBase.getObjectInstance(FactoryBase.java:96)
                at java.naming/javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:341)
                at org.apache.naming.NamingContext.lookup(NamingContext.java:864)
                at org.apache.naming.NamingContext.lookup(NamingContext.java:158)
                at org.apache.naming.NamingContext.lookup(NamingContext.java:850)
                at org.apache.naming.NamingContext.lookup(NamingContext.java:158)
                at org.apache.naming.NamingContext.lookup(NamingContext.java:850)
                at org.apache.naming.NamingContext.lookup(NamingContext.java:158)
                at org.apache.naming.NamingContext.lookup(NamingContext.java:850)
                at org.apache.naming.NamingContext.lookup(NamingContext.java:172)
                at org.apache.naming.SelectorContext.lookup(SelectorContext.java:161)
                at java.naming/javax.naming.InitialContext.lookup(InitialContext.java:409)
                at com.liferay.portal.kernel.jndi.JNDIUtil._lookup(JNDIUtil.java:134)
                at com.liferay.portal.kernel.jndi.JNDIUtil.lookup(JNDIUtil.java:33)
                at com.liferay.portal.dao.jdbc.DataSourceFactoryImpl.initDataSource(DataSourceFactoryImpl.java:172)
                at com.liferay.portal.kernel.dao.jdbc.DataSourceFactoryUtil.initDataSource(DataSourceFactoryUtil.java:39)
                at com.liferay.portal.dao.init.DBInitUtil._initDataSource(DBInitUtil.java:223)
                at com.liferay.portal.dao.init.DBInitUtil.init(DBInitUtil.java:70)
                at com.liferay.portal.spring.context.PortalContextLoaderListener.contextInitialized(PortalContextLoaderListener.java:240)
                at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4769)
                at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5231)
                at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
                at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:726)
                at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:698)
                at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:696)
                at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:690)
                at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1889)
                at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
                at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
                at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
                at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:118)
                at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:583)
                at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:473)
                at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1618)
                at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:319)
                at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:123)
                at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:423)
                at org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:366)
                at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:946)
                at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:835)
                at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
                at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1396)
                at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1386)
                at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
                at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
                at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:140)
                at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:919)
                at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:265)
                at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
                at org.apache.catalina.core.StandardService.startInternal(StandardService.java:432)
                at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
                at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930)
                at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
                at org.apache.catalina.startup.Catalina.start(Catalina.java:772)
                at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
                at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                at java.base/java.lang.reflect.Method.invoke(Method.java:566)
                at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:345)
                at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:476)

But If I provide some dummy string like "-" this information is used instead of the actual secrets value even thouh I can see that the the awsSecretsManager Plugin is used in the stacktrace:

12-Jan-2023 07:04:07.055 SEVERE [main] org.apache.catalina.core.StandardContext.listenerStart Exception sending context initialized event to listener instance of class [com.liferay.portal.spring.context.PortalContextLoaderListener]
      java.lang.RuntimeException: org.postgresql.util.PSQLException: FATAL: password authentication failed for user "-"
              at com.liferay.portal.spring.context.PortalContextLoaderListener.contextInitialized(PortalContextLoaderListener.java:250)
              at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4769)
              at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5231)
              at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
              at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:726)
              at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:698)
              at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:696)
              at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:690)
              at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1889)
              at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
              at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
              at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
              at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:118)
              at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:583)
              at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:473)
              at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1618)
              at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:319)
              at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:123)
              at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:423)
              at org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:366)
              at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:946)
              at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:835)
              at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
              at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1396)
              at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1386)
              at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
              at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
              at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:140)
              at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:919)
              at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:265)
              at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
              at org.apache.catalina.core.StandardService.startInternal(StandardService.java:432)
              at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
              at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930)
              at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
              at org.apache.catalina.startup.Catalina.start(Catalina.java:772)
              at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
              at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
              at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
              at java.base/java.lang.reflect.Method.invoke(Method.java:566)
              at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:345)
              at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:476)
      Caused by: org.postgresql.util.PSQLException: FATAL: password authentication failed for user "-"
              at org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:646)
              at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:180)
              at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:235)
              at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
              at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:247)
              at org.postgresql.Driver.makeConnection(Driver.java:434)
              at org.postgresql.Driver.connect(Driver.java:291)
              at java.sql/java.sql.DriverManager.getConnection(DriverManager.java:677)
              at java.sql/java.sql.DriverManager.getConnection(DriverManager.java:228)
              at org.postgresql.ds.common.BaseDataSource.getConnection(BaseDataSource.java:103)
              at org.postgresql.ds.common.BaseDataSource.getConnection(BaseDataSource.java:87)
              at software.amazon.jdbc.DataSourceConnectionProvider.connect(DataSourceConnectionProvider.java:104)
              at software.amazon.jdbc.plugin.DefaultConnectionPlugin.connect(DefaultConnectionPlugin.java:126)
              at software.amazon.jdbc.ConnectionPluginManager.lambda$connect$4(ConnectionPluginManager.java:314)
              at software.amazon.jdbc.ConnectionPluginManager.lambda$makePluginChainFunc$0(ConnectionPluginManager.java:246)
              at software.amazon.jdbc.ConnectionPluginManager.lambda$null$1(ConnectionPluginManager.java:250)
              at software.amazon.jdbc.plugin.AwsSecretsManagerConnectionPlugin.connect(AwsSecretsManagerConnectionPlugin.java:151)
              at software.amazon.jdbc.ConnectionPluginManager.lambda$connect$4(ConnectionPluginManager.java:314)
              at software.amazon.jdbc.ConnectionPluginManager.lambda$makePluginChainFunc$2(ConnectionPluginManager.java:250)
              at software.amazon.jdbc.ConnectionPluginManager.executeWithSubscribedPlugins(ConnectionPluginManager.java:228)
              at software.amazon.jdbc.ConnectionPluginManager.connect(ConnectionPluginManager.java:311)
              at software.amazon.jdbc.wrapper.ConnectionWrapper.init(ConnectionWrapper.java:131)
              at software.amazon.jdbc.wrapper.ConnectionWrapper.<init>(ConnectionWrapper.java:85)
              at software.amazon.jdbc.ds.AwsWrapperDataSource.getConnection(AwsWrapperDataSource.java:123)
              at software.amazon.jdbc.ds.AwsWrapperDataSource.getConnection(AwsWrapperDataSource.java:77)
              at com.liferay.portal.dao.jdbc.util.DBInfoUtil.lambda$getDBInfo$0(DBInfoUtil.java:47)
              at com.liferay.petra.concurrent.ConcurrentMapperHashMap.lambda$computeIfAbsent$1(ConcurrentMapperHashMap.java:114)
              at java.base/java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1705)
              at com.liferay.petra.concurrent.ConcurrentMapperHashMap.computeIfAbsent(ConcurrentMapperHashMap.java:111)
              at com.liferay.portal.dao.jdbc.util.DBInfoUtil.getDBInfo(DBInfoUtil.java:44)
              at com.liferay.portal.spring.hibernate.DialectDetector.getDialect(DialectDetector.java:51)
              at com.liferay.portal.dao.init.DBInitUtil._initDataSource(DBInitUtil.java:226)
              at com.liferay.portal.dao.init.DBInitUtil.init(DBInitUtil.java:70)
              at com.liferay.portal.spring.context.PortalContextLoaderListener.contextInitialized(PortalContextLoaderListener.java:240)
              ... 41 more

The secret is provided through a k8s service account that references an IAM role with the permission to read the secret in question. My environment variables look like this:

env | grep AWS
AWS_ROLE_ARN=arn:aws:iam::XXXXXXXXXX:role/YYYYYYYYYYYYYYYYYYYYYYYY
AWS_WEB_IDENTITY_TOKEN_FILE=/var/run/secrets/eks.amazonaws.com/serviceaccount/token
AWS_STS_REGIONAL_ENDPOINTS=regional
AWS_DEFAULT_REGION=eu-central-1
AWS_REGION=eu-central-1

I have verified that the connection and permissions are correctly setup by modifying one of the sample projects you provided and running it on the pod in question with tomcat/lib/ext/ as classpath:

package com.example.aws.sdk.test;

import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueResponse;
import software.amazon.awssdk.services.secretsmanager.model.SecretsManagerException;

public class AwsTest {
    public static void main(String[] args) {
        try {
            SecretsManagerClient secretsClient = SecretsManagerClient.builder().region(Region.EU_CENTRAL_1)
                .credentialsProvider(DefaultCredentialsProvider.create()).build();

            GetSecretValueRequest valueRequest = GetSecretValueRequest.builder().secretId("liferay-db-secrets").build();

            GetSecretValueResponse valueResponse = secretsClient.getSecretValue(valueRequest);
            String secret = valueResponse.secretString();
            System.out.println(secret);

        } catch (SecretsManagerException e) {
            System.err.println(e.awsErrorDetails().errorMessage());
            System.exit(1);
        }
    }
}

Am I missing something or is this not intended to work like this?

Describe the bug

Upgrading our code from version 1.0.2 to 2.1.0 results in the exception below.

Here is how we create the connection:

        username = creds.username
        password = creds.password
        dataSourceClassName = AwsWrapperDataSource::class.java.name
        addDataSourceProperty("jdbcProtocol", "jdbc:postgresql:")
        addDataSourceProperty("databasePropertyName", "databaseName")
        addDataSourceProperty("portPropertyName", "portNumber")
        addDataSourceProperty("serverPropertyName", "serverName")
        addDataSourceProperty("targetDataSourceClassName", PGSimpleDataSource::class.java.name)
        val targetDataSourceProps = Properties()
        targetDataSourceProps.setProperty("serverName", dbDetails.host.value)
        targetDataSourceProps.setProperty("databaseName", db.name)
        targetDataSourceProps.setProperty("portNumber", dbDetails.port.value.toString())
        targetDataSourceProps.setProperty("wrapperLoggerLevel", "CONFIG")
        targetDataSourceProps.setProperty("wrapperLogUnclosedConnections", "true")
        val plugins = if (dbDetails.isAurora) {
            // https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/UsingTheJdbcDriver.md#list-of-available-plugins
            // TODO: This is where you can enable IAM auth
            "auroraConnectionTracker,failover,efm"
        } else {
            ""
        }
        targetDataSourceProps.setProperty("wrapperPlugins", plugins)
        addDataSourceProperty("targetDataSourceProperties", targetDataSourceProps)

Expected Behavior

Connect to Aurora

What plugins are used? What other connection properties were set?

"auroraConnectionTracker,failover,efm"

Current Behavior

java.lang.NoClassDefFoundError: com/mysql/cj/exceptions/WrongArgumentException
at software.amazon.jdbc.plugin.failover.FailoverConnectionPlugin.lambda$initHostProvider$0(FailoverConnectionPlugin.java:213) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at software.amazon.jdbc.plugin.failover.FailoverConnectionPlugin.initHostProvider(FailoverConnectionPlugin.java:245) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at software.amazon.jdbc.plugin.failover.FailoverConnectionPlugin.initHostProvider(FailoverConnectionPlugin.java:209) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at software.amazon.jdbc.ConnectionPluginManager.lambda$initHostProvider$8(ConnectionPluginManager.java:517) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at software.amazon.jdbc.ConnectionPluginManager.lambda$makePluginChainFunc$2(ConnectionPluginManager.java:278) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at software.amazon.jdbc.ConnectionPluginManager.executeWithSubscribedPlugins(ConnectionPluginManager.java:256) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at software.amazon.jdbc.ConnectionPluginManager.initHostProvider(ConnectionPluginManager.java:513) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at software.amazon.jdbc.wrapper.ConnectionWrapper.init(ConnectionWrapper.java:128) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at software.amazon.jdbc.wrapper.ConnectionWrapper.(ConnectionWrapper.java:88) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at software.amazon.jdbc.ds.AwsWrapperDataSource.createConnectionWrapper(AwsWrapperDataSource.java:163) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at software.amazon.jdbc.ds.AwsWrapperDataSource.getConnection(AwsWrapperDataSource.java:133) ~[aws-advanced-jdbc-wrapper-2.1.0.jar:?]
at com.zaxxer.hikari.pool.PoolBase.newConnection(PoolBase.java:359) ~[HikariCP-5.0.1.jar:?]
at com.zaxxer.hikari.pool.PoolBase.newPoolEntry(PoolBase.java:201) ~[HikariCP-5.0.1.jar:?]
at com.zaxxer.hikari.pool.HikariPool.createPoolEntry(HikariPool.java:470) ~[HikariCP-5.0.1.jar:?]
at com.zaxxer.hikari.pool.HikariPool.checkFailFast(HikariPool.java:561) ~[HikariCP-5.0.1.jar:?]
at com.zaxxer.hikari.pool.HikariPool.(HikariPool.java:100) ~[HikariCP-5.0.1.jar:?]
at com.zaxxer.hikari.HikariDataSource.(HikariDataSource.java:81) ~[HikariCP-5.0.1.jar:?]
at com.paxos.messaging.db.HikariDataSourceFactoryKt.createHikariDatasource-dWUq8MI(HikariDataSourceFactory.kt:214) ~[messaging-utils-db-db-impl-1679-d6375b82.jar:?]
at com.paxos.messaging.db.HikariDataSourceFactoryKt.createHikariDatasource-9VgGkz4(HikariDataSourceFactory.kt:139) ~[messaging-utils-db-db-impl-1679-d6375b82.jar:?]
at com.paxos.messaging.db.DefaultHikariDataSourceFactory$createHikariDataSource$2.invoke(HikariDataSourceFactory.kt:66) ~[messaging-utils-db-db-impl-1679-d6375b82.jar:?]
at com.paxos.messaging.db.DefaultHikariDataSourceFactory$createHikariDataSource$2.invoke(HikariDataSourceFactory.kt:63) ~[messaging-utils-db-db-impl-1679-d6375b82.jar:?]
at com.paxos.messaging.db.DefaultHikariDataSourceFactory.createHikariDataSource$lambda$0(HikariDataSourceFactory.kt:63) ~[messaging-utils-db-db-impl-1679-d6375b82.jar:?]
at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1708) ~[?:?]
at com.paxos.messaging.db.DefaultHikariDataSourceFactory.createHikariDataSource(HikariDataSourceFactory.kt:63) ~[messaging-utils-db-db-impl-1679-d6375b82.jar:?]
at com.paxos.messaging.db.DefaultDataSourceFactory.createDataSource(DefaultDataSourceFactory.kt:12) ~[messaging-utils-db-db-impl-1679-d6375b82.jar:?]
at com.paxos.messaging.db.DefaultDbTransactionFactory.createReadOnlyDbTransaction(DefaultDbTransactionFactory.kt:15) ~[messaging-utils-db-db-impl-1679-d6375b82.jar:?]
at com.paxos.messaging.db.AbstractDbTransactionFactory$roTx$2.invokeSuspend(AbstractDbTransactionFactory.kt:20) ~[messaging-utils-db-db-impl-1679-d6375b82.jar:?]
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33) ~[kotlin-stdlib-1.8.21.jar:1.8.21-release-380(1.8.21)]
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106) ~[kotlinx-coroutines-core-jvm-1.6.4.jar:?]
at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42) ~[kotlinx-coroutines-core-jvm-1.6.4.jar:?]
at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95) ~[kotlinx-coroutines-core-jvm-1.6.4.jar:?]
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570) ~[kotlinx-coroutines-core-jvm-1.6.4.jar:?]
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750) ~[kotlinx-coroutines-core-jvm-1.6.4.jar:?]
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677) ~[kotlinx-coroutines-core-jvm-1.6.4.jar:?]
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664) ~[kotlinx-coroutines-core-jvm-1.6.4.jar:?]
Caused by: java.lang.ClassNotFoundException: com.mysql.cj.exceptions.WrongArgumentException
at jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:641) ~[?:?]
at jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:188) ~[?:?]
at java.lang.ClassLoader.loadClass(ClassLoader.java:520) ~[?:?]
... 35 more

Reproduction Steps

Upgrade to 2.1.0
Try to connect to Aurora Postgres

Possible Solution

No response

Additional Information/Context

No response

The AWS Advanced JDBC Driver version used

2.1.0

JDK version used

17.0.6

Operating System and version

linux

Describe the bug

Calling Connection.rollback(savepoint) or Connection.releaseSavepoint(savepoint) with a savepoint that was returned by Connection.setSavepoint() will fail with a ClassCastException.

Expected Behavior

No exception, instead the operation should succeed as it does when not using the wrapper library.

What plugins are used? What other connection properties were set?

None

Current Behavior

Exception in thread "main" java.lang.ClassCastException: class software.amazon.jdbc.wrapper.SavepointWrapper cannot be cast to class org.postgresql.jdbc.PSQLSavepoint (software.amazon.jdbc.wrapper.SavepointWrapper and org.postgresql.jdbc.PSQLSavepoint are in unnamed module of loader 'app')
	at org.postgresql.jdbc.PgConnection.rollback(PgConnection.java:1809)
	at software.amazon.jdbc.wrapper.ConnectionWrapper.lambda$rollback$39(ConnectionWrapper.java:678)
	at software.amazon.jdbc.util.WrapperUtils.lambda$runWithPlugins$1(WrapperUtils.java:169)
	at software.amazon.jdbc.plugin.DefaultConnectionPlugin.execute(DefaultConnectionPlugin.java:98)
	at software.amazon.jdbc.ConnectionPluginManager.lambda$execute$3(ConnectionPluginManager.java:327)
	at software.amazon.jdbc.ConnectionPluginManager.lambda$makePluginChainFunc$0(ConnectionPluginManager.java:267)
	at software.amazon.jdbc.ConnectionPluginManager.executeWithSubscribedPlugins(ConnectionPluginManager.java:249)
	at software.amazon.jdbc.ConnectionPluginManager.execute(ConnectionPluginManager.java:324)
	at software.amazon.jdbc.util.WrapperUtils.executeWithPlugins(WrapperUtils.java:226)
	at software.amazon.jdbc.util.WrapperUtils.runWithPlugins(WrapperUtils.java:162)
	at software.amazon.jdbc.wrapper.ConnectionWrapper.rollback(ConnectionWrapper.java:672)
	at AwsWrapperTest.main(AwsWrapperTest.java:9)

Reproduction Steps

Run code below, using your own values for the parameters to DriverManager.getConnection.

import java.sql.*;

public class AwsWrapperTest {

    public static void main(String[] args) throws SQLException {
        Connection connection = DriverManager.getConnection("jdbc:aws-wrapper:postgresql://localhost:49153/postgres", "username", "password");
        connection.setAutoCommit(false);
        Savepoint savepoint = connection.setSavepoint();
        connection.rollback(savepoint);
//        connection.releaseSavepoint(savepoint); // fails too when used instead of previous line
    }
}

Possible Solution

No response

Additional Information/Context

PostgreSQL version 15.1.

PostgreSQL JDBC driver "org.postgresql:postgresql:42.5.2"

The AWS Advanced JDBC Driver version used

1.0.1

JDK version used

openjdk version "17.0.3" 2022-04-19 OpenJDK Runtime Environment Temurin-17.0.3+7 (build 17.0.3+7) OpenJDK 64-Bit Server VM Temurin-17.0.3+7 (build 17.0.3+7, mixed mode, sharing)

Operating System and version

Windows 11

There are comments in the docs that suggest that there is a preferred order of plugins. Do we check this when we load the plugins ?

Describe the feature

Be able to use the iam plugin when going through a jump box. Currently, it errors saying that localhost does not match the rds endpoint structure.

Use Case

I'm trying to use JDBC to test applications locally connecting to Aurora Database through JDBC where it is required to use a jump box. With the jump box configuration, you have to use the localhost address when connecting to the database.

Proposed Solution

Add a field to the wrapper that would be the endpoint of the database instance (failover??) that when localhost is used the endpoint field could be used in its place.

Other Information

Unsupported AWS hostname localhost. Amazon domain name in format *.AWS-Region.rds.amazonaws.com or *.rds.AWS-Region.amazonaws.com.cn is expected.

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

The AWS Advanced JDBC Driver version used

1.0.0

JDK version used

OpenJDK 18.0.02

Operating System and version

Windows 11

Describe the bug

Confirm that CopyManager works
Geometry types work

Expected Behavior

CopyManager works

What plugins are used? What other connection properties were set?

N/A

Current Behavior

N/A

Reproduction Steps

N/A

Possible Solution

No response

Additional Information/Context

No response

The AWS Advanced JDBC Driver version used

Latest

JDK version used

1.8

Operating System and version

any

Describe the bug

When any connection is created I'm getting the following error:

PSQLException
ERROR: function aurora_replica_status() does not exist
  Hint: No function matches the given name and argument types. You might need to add explicit type casts.
  Position: 35

Expected Behavior

Same behavior as with v1.0.1 of the wrapper.

What plugins are used? What other connection properties were set?

None

Current Behavior

org.postgresql.util.PSQLException: ERROR: function aurora_replica_status() does not exist
  Hint: No function matches the given name and argument types. You might need to add explicit type casts.
  Position: 35
    at org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2713)
    at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:2401)
    at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:368)
    at org.postgresql.jdbc.PgStatement.executeInternal(PgStatement.java:498)
    at org.postgresql.jdbc.PgStatement.execute(PgStatement.java:415)
    at org.postgresql.jdbc.PgStatement.executeWithFlags(PgStatement.java:335)
    at org.postgresql.jdbc.PgStatement.executeCachedSql(PgStatement.java:321)
    at org.postgresql.jdbc.PgStatement.executeWithFlags(PgStatement.java:297)
    at org.postgresql.jdbc.PgStatement.executeQuery(PgStatement.java:246)
    at software.amazon.jdbc.hostlistprovider.AuroraHostListProvider.queryForTopology(AuroraHostListProvider.java:349)
    at software.amazon.jdbc.hostlistprovider.AuroraHostListProvider.getTopology(AuroraHostListProvider.java:262)
    at software.amazon.jdbc.hostlistprovider.AuroraHostListProvider.refresh(AuroraHostListProvider.java:478)
    at software.amazon.jdbc.PluginServiceImpl.refreshHostList(PluginServiceImpl.java:320)
    at software.amazon.jdbc.plugin.failover.FailoverConnectionPlugin.connect(FailoverConnectionPlugin.java:795)
    at software.amazon.jdbc.ConnectionPluginManager.lambda$connect$4(ConnectionPluginManager.java:348)
    at software.amazon.jdbc.ConnectionPluginManager.lambda$makePluginChainFunc$2(ConnectionPluginManager.java:275)
    at software.amazon.jdbc.ConnectionPluginManager.lambda$null$1(ConnectionPluginManager.java:275)
    at software.amazon.jdbc.plugin.AuroraConnectionTrackerPlugin.connect(AuroraConnectionTrackerPlugin.java:96)
    at software.amazon.jdbc.ConnectionPluginManager.lambda$connect$4(ConnectionPluginManager.java:348)
    at software.amazon.jdbc.ConnectionPluginManager.lambda$makePluginChainFunc$2(ConnectionPluginManager.java:275)
    at software.amazon.jdbc.ConnectionPluginManager.executeWithSubscribedPlugins(ConnectionPluginManager.java:253)
    at software.amazon.jdbc.ConnectionPluginManager.connect(ConnectionPluginManager.java:345)
    at software.amazon.jdbc.wrapper.ConnectionWrapper.init(ConnectionWrapper.java:131)
    at software.amazon.jdbc.wrapper.ConnectionWrapper.<init>(ConnectionWrapper.java:85)
    at software.amazon.jdbc.ds.AwsWrapperDataSource.createConnectionWrapper(AwsWrapperDataSource.java:164)
    at software.amazon.jdbc.ds.AwsWrapperDataSource.getConnection(AwsWrapperDataSource.java:134)
    at com.zaxxer.hikari.pool.PoolBase.newConnection(PoolBase.java:359)
    at com.zaxxer.hikari.pool.PoolBase.newPoolEntry(PoolBase.java:201)
    at com.zaxxer.hikari.pool.HikariPool.createPoolEntry(HikariPool.java:470)
    at com.zaxxer.hikari.pool.HikariPool.checkFailFast(HikariPool.java:561)
    at com.zaxxer.hikari.pool.HikariPool.<init>(HikariPool.java:100)
    at com.zaxxer.hikari.HikariDataSource.<init>(HikariDataSource.java:81)

Reproduction Steps

Create a new maven project and make sure to include the following dependencies:

<dependency>
    <groupId>org.postgresql</groupId>
    <artifactId>postgresql</artifactId>
    <version>42.6.0</version>
</dependency>

<dependency>
    <groupId>software.amazon.jdbc</groupId>
    <artifactId>aws-advanced-jdbc-wrapper</artifactId>
    <version>1.0.2</version>
</dependency>

Add the following java file and run against an RDS instance running Postgres 15.2 (i.e. not an Aurora cluster).

ReproduceRdsConnectionIssue.java

import software.amazon.jdbc.ds.AwsWrapperDataSource;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.Properties;

public class ReproduceRdsConnectionIssue {

    public static void main(String[] args) throws Exception {
        AwsWrapperDataSource ds = getDataSource();
        try (final Connection conn = ds.getConnection("myUser", "myPassword");
             final Statement statement = conn.createStatement();
             final ResultSet rs = statement.executeQuery("SELECT 1")) {
            if (rs.next()) {
                System.out.println("Got " + rs.getInt(1));
            }
        }
    }

    static AwsWrapperDataSource getDataSource() {
        AwsWrapperDataSource ds = new AwsWrapperDataSource();
        ds.setJdbcProtocol("jdbc:postgresql:");
        ds.setDatabasePropertyName("databaseName");
        ds.setServerPropertyName("serverName");
        ds.setPortPropertyName("port");
        ds.setTargetDataSourceClassName("org.postgresql.ds.PGSimpleDataSource");
        Properties targetDataSourceProps = new Properties();
        targetDataSourceProps.setProperty("serverName", "myServerName");
        targetDataSourceProps.setProperty("databaseName", "myDatabaseName");
        targetDataSourceProps.setProperty("port", "myPort");
        ds.setTargetDataSourceProperties(targetDataSourceProps);
        return ds;
    }
}

Possible Solution

No response

Additional Information/Context

• Postgres 15.2 on RDS
• Java 17
• Used HikariCP for database pooling but don't think it matters

The AWS Advanced JDBC Driver version used

1.0.2

JDK version used

17

Operating System and version

Ubuntu

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/4b166ede0c06bceec22da6280754d3ab710881ab/wrapper/src/main/java/software/amazon/jdbc/hostlistprovider/AuroraHostListProvider.java#L115

To enforce the order of operations this instance variable should be volatile.

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/dac5a1ff127a35418cae202133cf40185f69dc29/wrapper/src/main/java/com/amazon/awslabs/jdbc/util/RdsUtils.java#L24

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/dc3f1e96666ad394635fa3e2dcb9e0ca21214128/wrapper/src/main/java/software/amazon/jdbc/plugin/readwritesplitting/ReadWriteSplittingPlugin.java#L459

this method is called on a closed connection or this method is called during a transaction

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/e07e5143e4eefbfad28e2bb335b6320d85b5ad75/build.gradle.kts#L135

The latest announcement advertises this driver as drop-in compatible. I understand that I have to add the jar to my project and change the protocol prefix to jdbc:aws-wrapper: in the JDBC connection URL. But how do I set wrapperPlugins without changing my code? The docs do not suggest any method for that. Can I add the connection plugin manager parameters as URL parameters to the JDBC connection URL?

Describe the feature

I'm currently working on a HostListProvider that does topology discovery using AWS APIs to support Aurora Global Database. I'm trying to make it such that DB connections will be made to local regions when possible.

When reader failover occurs the available reader hosts are shuffled and connected to at random. I think this is a good strategy for distributing connections among a local cluster with many readers but less optimal in a global database where reads to a distant region can add significant latency to DB queries.

Use Case

I'm currently working on a HostListProvider that does topology discovery using AWS APIs to support Aurora Global Database. I'm trying to make it such that DB connections will be made to local regions when possible. I need a way to weigh/prioritize HostSpec objects such that clients will failover to local readers as opposed to remote readers.

Proposed Solution

I propose the option to specify an optional (default to 0) priority/weight to each HostSpec object such that certain hosts will be higher priority than others. Then the reader failover behavior could be updated to group hosts by priority and shuffle at each priority. For the AuroraHostListProvider there would be no behavior change.

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

The AWS Advanced JDBC Driver version used

1.0.0

JDK version used

JDK 11

Operating System and version

Ubuntu 20.04

Hey I have a question about how to configure Datasource with IAM plugin. Tried using this following configuration as DataSource:

       ds.setJdbcProtocol("jdbc:postgresql:");
       ds.setDatabasePropertyName("databaseName");
       ds.setServerPropertyName("serverName");
       ds.setPortPropertyName("port");
       ds.setUser("app_user");
//        ds.setPassword("pass");


       // Specify the driver-specific data source:
       ds.setTargetDataSourceClassName("org.postgresql.ds.PGSimpleDataSource");


       // Configure the driver-specific data source:
       Properties targetDataSourceProps = new Properties();
       targetDataSourceProps.setProperty("serverName", "x");
       targetDataSourceProps.setProperty("databaseName", "database_name");
       targetDataSourceProps.setProperty("port", "5432");
       targetDataSourceProps.setProperty("currentSchema", "schema");
       targetDataSourceProps.setProperty("ssl", "true");
       targetDataSourceProps.setProperty("sslmode", "require");
       targetDataSourceProps.setProperty(PropertyDefinition.PLUGINS.name, "iam");
       ds.setTargetDataSourceProperties(targetDataSourceProps);

       return ds;

Unfortunately no joy. It generates a token that ends up in properties under password but in a later stage in DefaultConnectionProvider it ends up being removed and while obtaining a connection it tries to use a password instead of a token.

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/e07e5143e4eefbfad28e2bb335b6320d85b5ad75/wrapper/src/main/java/software/amazon/jdbc/wrapper/ArrayWrapper.java#L150

This fails in the hibernate tests

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/442517b5e59976f86de63a8a3fa8fdef8638f112/wrapper/src/main/java/software/amazon/jdbc/hostlistprovider/AuroraHostListProvider.java#L223-L225

Describe the bug

We are seeing our connections to RDS MySQL Aurora 'failover' incorrectly to the reader node rather than the writer node when using the following configuration:

• JDBC Wrapper 1.0.2
• MySQL Connector 8.0.32
• Hikari 5.0.1
• A Custom Domain CNAME to the cluster writer (TTL = 1s)
• A jdbc url like this: jdbc:aws-wrapper:mysql://[custom-domain]:3306/db?clusterInstanceHostPattern=?.[clusterid].us-east-1.rds.amazonaws.com&wrapperLoggerLevel=ALL

Our test is similar to the one described in: awslabs/aws-mysql-jdbc#377

We simply have a loop periodically getting the 1 and only connection from the connection pool, doing some transactions, releasing the connection. We then initiate a failover from the writer to a reader. We see this issue when the connection is idle in the pool and subsequently checked out. We then get this sort of error:

java.sql.SQLException: The MySQL server is running with the --read-only option so it cannot execute this statement

Attached is the anonymized debug log during the cut over.

When using the cluster writer endpoint directly the issue does not seem to happen.

Expected Behavior

The failover should end up on the writer node.

What plugins are used? What other connection properties were set?

Default plugins are used. No additional properties other than in the JDBC url.

Current Behavior

The connection ends up on the reader instead of the writer.

Reproduction Steps

See description. Attached is the debug log.
wrapper.txt

Possible Solution

No response

Additional Information/Context

No response

The AWS Advanced JDBC Driver version used

1.0.2

JDK version used

Corretto 11.0.17.8.1

Operating System and version

Amazon Linux 2 (4.14.296-222.539.amzn2.x86_64)

In https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/examples/HibernateExample/src/main/resources/META-INF/persistence.xml which accompanies the Hibernate example, there's a reference to this class:

        <property name="hibernate.dialect" value="software.amazon.utility.AuroraPostgreSQLDialect"/>

Unless I've missed it somewhere, this class doesn't seem present in the codebase.
Could you clarify what it's supposed to do, or if it's actually necessary after all?

Hi Team,

There are two issues/queries with aws-advanced-jdbc-wrapper.

1. As per the documentation, tried to use the ReadWriteSplittingPlugin for our project. But it looks like ReadWriteSplittingPlugin feature is yet to be released as it is not available as part of version 1.0.0.

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheReadWriteSplittingPlugin.md

Could you please advise when this plugin will be available?

2. Hence, tried to clone the repository in the local system and build the project by running the command "./gradlew build".
   But It's generating the jar only with manifest file. Couldn't able to build in local system. Please advise on this.

Attached for your reference.

aws-advanced-jdbc-wrapper-1.0.0.jar.zip

Describe the bug

When are using the wrapper in conjunction with Hikari and you change the username and password the Wrapper seems to be caching credentials and not changing them.
In our application we have rotating credentials and this causes a failure.
This is a regression in 1.0.1 from 1.0.0

Expected Behavior

changing the username and password in hikari should update the AWS wrapper credentials

What plugins are used? What other connection properties were set?

none

Current Behavior

Hikari connections keep using old credentails

Reproduction Steps

I have attached a gradle project with a unit test which fails with version 1.0.1 and passes with version 1.0.0
To run the test simply run
./gradlew test
bug.tar.gz

Possible Solution

No response

Additional Information/Context

No response

The AWS Advanced JDBC Driver version used

1.0.1

JDK version used

17.0.4

Operating System and version

MacOS Ventura and Linux

Describe the bug

secretsManagerRegion should not be mandatory if ARN provided for secretsManagerSecretId.

Ref https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheAwsSecretsManagerPlugin.md

Expected Behavior

Region is parsed from ARN secretsManagerSecretId.

What plugins are used? What other connection properties were set?

SecretsManagerPlugin

Current Behavior

secretsManagerRegion is mandatory

Reproduction Steps

Documentation states secretsManagerRegion is mandatory
https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/main/docs/using-the-jdbc-driver/using-plugins/UsingTheAwsSecretsManagerPlugin.md#aws-secrets-manager-connection-plugin-parameters

Possible Solution

No response

Additional Information/Context

No response

The AWS Advanced JDBC Driver version used

any

JDK version used

any

Operating System and version

1.0.2

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/1f04b6aec49e819c48331bb2a5434a59af8b517b/docs/using-the-jdbc-wrapper/using-plugins/UsingTheAwsSecretsManagerPlugin.md?plain=1#L13

Since this is not being used I am going to suggest that we remove the property names until we have a customer requested use case

https://github.com/awslabs/aws-advanced-jdbc-wrapper/blob/0b04bc682742e93c07f43c572f9a53fbf77556f6/wrapper/src/main/java/software/amazon/jdbc/wrapper/ConnectionWrapper.java#L684

Describe the bug

The method WrapperUtils#getConnectionFromSqlObject may throw an NPE here if rs.getStatement() returns null.

Caused by: java.lang.NullPointerException
	at software.amazon.jdbc.util.WrapperUtils.getConnectionFromSqlObject(WrapperUtils.java:535)
	at software.amazon.jdbc.ConnectionPluginManager.execute(ConnectionPluginManager.java:318)
	at software.amazon.jdbc.util.WrapperUtils.executeWithPlugins(WrapperUtils.java:226)
	at software.amazon.jdbc.wrapper.ResultSetWrapper.next(ResultSetWrapper.java:1202)
	at org.hibernate.tool.schema.extract.internal.AbstractInformationExtractorImpl.extractNameSpaceTablesInformation(AbstractInformationExtractorImpl.java:688)
	at org.hibernate.tool.schema.extract.internal.AbstractInformationExtractorImpl.lambda$getTables$3(AbstractInformationExtractorImpl.java:570)
	at org.hibernate.tool.schema.extract.internal.InformationExtractorJdbcDatabaseMetaDataImpl.processTableResultSet(InformationExtractorJdbcDatabaseMetaDataImpl.java:69)
	at org.hibernate.tool.schema.extract.internal.AbstractInformationExtractorImpl.getTables(AbstractInformationExtractorImpl.java:564)
	at org.hibernate.tool.schema.extract.internal.DatabaseInformationImpl.getTablesInformation(DatabaseInformationImpl.java:122)
	at org.hibernate.tool.schema.internal.GroupedSchemaMigratorImpl.performTablesMigration(GroupedSchemaMigratorImpl.java:71)
	at org.hibernate.tool.schema.internal.AbstractSchemaMigrator.performMigration(AbstractSchemaMigrator.java:225)
	at org.hibernate.tool.schema.internal.AbstractSchemaMigrator.doMigration(AbstractSchemaMigrator.java:126)
	at org.hibernate.tool.schema.spi.SchemaManagementToolCoordinator.performDatabaseAction(SchemaManagementToolCoordinator.java:284)
	at org.hibernate.tool.schema.spi.SchemaManagementToolCoordinator.lambda$process$5(SchemaManagementToolCoordinator.java:143)
	at java.base/java.util.HashMap.forEach(HashMap.java:1337)
	at org.hibernate.tool.schema.spi.SchemaManagementToolCoordinator.process(SchemaManagementToolCoordinator.java:140)
	at org.hibernate.internal.SessionFactoryImpl.<init>(SessionFactoryImpl.java:336)
	at org.hibernate.boot.internal.SessionFactoryBuilderImpl.build(SessionFactoryBuilderImpl.java:415)
	at org.hibernate.jpa.boot.internal.EntityManagerFactoryBuilderImpl.build(EntityManagerFactoryBuilderImpl.java:1423)

Expected Behavior

No NullPointerException.

What plugins are used? What other connection properties were set?

None

Current Behavior

NullPointerException

Reproduction Steps

This error is thrown when running the Hibernate-ORM test suite with the AWS Advanced JDBC driver.

Possible Solution

Add a null check.

Additional Information/Context

No response

The AWS Advanced JDBC Driver version used

1.0.1

JDK version used

Java 11

Operating System and version

Ubuntu