We're using the standard Java AWS SDK for other AWS services, using BasicAWSCredentials for authentication. For Athena integration we're using the standard AWS Athena JDBC driver. This has been working fine, but when upgrading to the latest Athena JDBC driver version (2.0.15) the usage of BasicAWSCredentials elsewhere in the application stopped working
The error message we get is:
class "com.amazonaws.auth.BasicAWSCredentials"'s signer information does not match signer information of other classes in the same package
As far as I can figure out this error message is caused by different classes in the same packages being loaded from different jars that are not signed in the same way. Indeed: the core SDK jars from maven are not signed, but the 2.0.15 Athena JDBC driver jar (which - for some obscure reason - includes e.g. com.amazonaws.auth.AWSCredentials and com.amazonaws.auth.AWSCredentialsProvider) is signed by "Amazon.com Services LLC".
This means that the JVM may (perhaps depending on classpath ordering) try to load com.amazonaws.auth.AWSCredentials from the JDBC driver jar, but the com.amazonaws.auth.BasicAWSCredentials class is defined in the aws-java-sdk-core jar, i.e. the JVM is being told to load different classes in the same package from differently signed jars.
Bottom line: it appears to be a bad idea to include the com.amazonaws.auth classes in the JDBC driver jar, particularly since this jar is signed in the latest version. The JVM (JDK 11) will not accept loading different classes from this package unless all jars are signed in the same way.
Ideas/workarounds? I would prefer not tampering with any external jars.
