Package org.h2.engine

Class Engine


  • public final class Engine
    extends java.lang.Object
    The engine contains a map of all open databases. It is also responsible for opening and creating new databases. This is a singleton class.
    • Field Detail

      • WRONG_PASSWORD_DELAY

        private static volatile long WRONG_PASSWORD_DELAY
      • JMX

        private static boolean JMX
    • Constructor Detail

      • Engine

        private Engine()
    • Method Detail

      • openSession

        private static SessionLocal openSession​(ConnectionInfo ci,
                                                boolean ifExists,
                                                boolean forbidCreation,
                                                java.lang.String cipher)
      • throwNotFound

        private static void throwNotFound​(boolean ifExists,
                                          boolean forbidCreation,
                                          java.lang.String name)
      • createSession

        public static SessionLocal createSession​(ConnectionInfo ci)
        Open a database connection with the given connection information.
        Parameters:
        ci - the connection information
        Returns:
        the session
      • close

        static void close​(java.lang.String name)
        Called after a database has been closed, to remove the object from the list of open databases.
        Parameters:
        name - the database name
      • validateUserAndPassword

        private static void validateUserAndPassword​(boolean correct)
        This method is called after validating user name and password. If user name and password were correct, the sleep time is reset, otherwise this method waits some time (to make brute force / rainbow table attacks harder) and then throws a 'wrong user or password' exception. The delay is a bit randomized to protect against timing attacks. Also the delay doubles after each unsuccessful logins, to make brute force attacks harder. There is only one exception message both for wrong user and for wrong password, to make it harder to get the list of user names. This method must only be called from one place, so it is not possible from the stack trace to see if the user name was wrong or the password.
        Parameters:
        correct - if the user name or the password was correct
        Throws:
        DbException - the exception 'wrong user or password'