Unanswered: Incorrect login via JSP actually attempting TWO Oracle logins?
I really don't know if this is the appropriate place to post this question (I already got rejected from the Oracle forum), but I've run into a very interesting problem.
I administer a website that runs on Apache Tomcat 6.0, using JSP pages, and interfaces with an Oracle 10g database using the JDBC Thin client driver. We require our users to log in before they can gain access to the website, so we decided to let Oracle manage most of that. Each user has an Oracle account, and we have it set for their accounts to become locked after three failed logins.
When I test this out using SQL Plus or SQL Worksheet, accounts do indeed become locked after three failed logins, which is great. However, when I create a connection in our JSP page, accounts become locked after only two failed logins. After some extensive testing by changing the # of failed logins allowed in Oracle, it seems as if the connection via JSP actually tries to log in TWICE. Here is my connection code: