When I try to connect java application to oracle db using jdbc thin client, my system name was sent to db server without host name (eg. 102XXXXX) But when I try with oracle client(PL/SQL developer), my system name was sent to db server with domain name appended (eg. North_America/102XXXXX). And in oracle server, my machine is whitelisted with domain name (eg. North_America/102XXXXX). So I got account locked exception when try to run the java application but have successful connection from PL/SQL developer. I am not sure how to solve this issue from my side. I need both connection. Anyone has any idea?
Note that you can also customize what the Oracle JDBC thin driver sends for the system name during authentication by setting this property "v$session.machine".
Related
We have a java project in an Azure virtual machine (VM), and need connect to Azure SQL db by JDBC connection, so we use the JDBC connection string provided by Azure SQL db as follows:
"jdbc:sqlserver://ZZZdbserver.database.windows.net:1433;database=ZZZ;user=*****;password=*****;encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30;"
but we got an exception:
"java.security.cert.CertificateException: Failed to validate the server name in a certificate during Secure Sockets Layer (SSL) initialization.
The server name is *.database.windows.net, the name in certificate is cr2.eastus1-a.control.database.windows.net."
then we updated the JDBC connection string to:
"jdbc:sqlserver://ZZZdbserver.database.windows.net:1433;database=ZZZ;user=*****;password=*****;encrypt=true;trustServerCertificate=false;hostNameInCertificate=cr2.eastus1-a.control.database.windows.net;loginTimeout=30;"
but we got another exception:
org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (Cannot open server "ZZZ1" requested by the login. The login failed.)
where "ZZZ1" is our username for the Azure VM.
Any idea to solve this issue?
By default, Azure VM has not blocked the outbound connection to the Internet. You could first verify the network connectivity from your VM to the Azure SQL database via running the command telnet ZZZdbserver.database.windows.net 1433 in CMD or Test-NetConnection -computer ZZZdbserver.database.windows.net -port 1433 in Powershell. If it fails, you may check if there is any firewall blocking this database connection or port or your application is listening on that port or your SQL database is online.
Additionally, if the network connectivity has succeeded, you could verify if the username or password is correct when you are using to connect to your database. Make sure there is not any typo. Also, the username should have enough privileges to access this database. You can try to access this database via Server admin login in the properties of the SQL database. Moreover, you could refer to this sample code to use Java to connect to access the Azure SQL database.
When using the Microsoft JDBC Driver for SQL Server to connect to an Azure SQL Database. You should note this:
Appending the server name to the userId in the connection string
Prior to the 4.0 version of the Microsoft JDBC Driver for SQL Server,
when connecting to an Azure SQL Database, you were required to append
the server name to the UserId in the connection string. For example,
user#servername. Beginning in version 4.0 of the Microsoft JDBC Driver
for SQL Server, it's no longer necessary to append #servername to the
UserId in the connection string.
Using encryption requires setting hostNameInCertificate
Prior to the 7.2 version of the Microsoft JDBC Driver for SQL Server,
when connecting to an Azure SQL Database, you should specify
hostNameInCertificate if you specify encrypt=true (If the server name
in the connection string is shortName.domainName, set the
hostNameInCertificate property to *.domainName.). This property is
optional as of version 7.2 of the driver.
Hope this helps.
If I need set encrypt=true, and hostNameInCertificate=cr2.eastus1-a.control.database.windows.net. Where do I need get the certificate for cr2.eastus1-a.control.database.windows.net from Azure SQL DB's service?
I am trying to connect to H2 Server started on the same machine using java. I started the H2 server in mixed mode. While connecting to the server I am getting Error.
The code to start the server is:
Server.createTcpServer("-tcp", "-tcpAllowOthers", "-tcpSSL").start();
The code to connect to the server is:
Class.forName("org.h2.Driver");
Connection conn = DriverManager.getConnection("jdbc:h2:tcp://127.0.0.1/~/Data/test", "", "");
The Error is:
Connection is broken: "unexpected status 352518912" [90067-197]
Anybody please help me with this. I am stuck at this for two days.
You need to use ssl protocol instead of tcp in the URL, because you use an encrypted socked on the server.
"jdbc:h2:ssl://127.0.0.1/~/Data/test"
Please also note that database cannot be created remotely by default in recent versions of H2 due to security reasons. You need to create the database on the server side with a local url such as "jdbc:h2:~/Data/test", it's enough to open and close a connection to it.
Also I hope that empty password is only for that example code in the question. If you have a database that has an user with ADMIN privileges (username and password from the first connection that creates the database are used to create such user) and an empty or weak password (or if you enable the remote database creation), anyone, who can connect to that port, will get full access to your server process and this process most likely already has the same access to your system as you, so you effectively create a remote security hole with -tcpAllowOthers and such passwords.
I am currently investigating how to make a connection to a SQL Server database from my Java EE web application using Windows Authentication instead of SQL Server authentication. I am running this app off of Tomcat 6.0, and am utilizing the Microsoft JDBC driver. My connection properties file looks as follows:
dbDriver = com.microsoft.sqlserver.jdbc.SQLServerDriver
dbUser = user
dbPass = password
dbServer = localhost:1433;databaseName=testDb
dbUrl = jdbc:sqlserver://localhost:1433
I have zero problems with connecting to a SQL Server database in this fashion when using SQL Server authentication.
Is there any way I can retrieve the credentials of the user's Windows Authentication and use that authentication for SQL Server?
UPDATE: I know in ASP.net there is a way to set up Windows Authentication for access to the webapp, which is exactly what I am looking for, except I want to pass that token off to SQL Server for access to the database.
I do not think one can push the user credentials from the browser to the database (and does it makes sense ? I think not)
But if you want to use the credentials of the user running Tomcat to connect to SQL Server then you can use Microsoft's JDBC Driver.
Just build your JDBC URL like this:
jdbc:sqlserver://localhost;integratedSecurity=true;
And copy the appropriate DLL to Tomcat's bin directory (sqljdbc_auth.dll provided with the driver)
MSDN > Connecting to SQL Server with the JDBC Driver > Building the Connection URL
look at
http://jtds.sourceforge.net/faq.html#driverImplementation
What is the URL format used by jTDS?
The URL format for jTDS is:
jdbc:jtds:<server_type>://<server>[:<port>][/<database>][;<property>=<value>[;...]]
...
domain
Specifies the Windows domain to authenticate in. If present and the user name and password are provided, jTDS uses Windows (NTLM) authentication instead of the usual SQL Server authentication (i.e. the user and password provided are the domain user and password). This allows non-Windows clients to log in to servers which are only configured to accept Windows authentication.
If the domain parameter is present but no user name and password are provided, jTDS uses its native Single-Sign-On library and logs in with the logged Windows user's credentials (for this to work one would obviously need to be on Windows, logged into a domain, and also have the SSO library installed -- consult README.SSO in the distribution on how to do this).
This actually works for me:
Per the README.SSO that comes with the jtdsd distribution:
In order for Single Sign On to work, jTDS must be able to load the native SPPI library ntlmauth.dll. Place this DLL anywhere in the system path (defined by the PATH system variable) and you're all set.
I placed it in my jre/bin folder
I configured a port dedicated the sql server instance (2302) to alleviate the need for an instance name - just something I do. lportal is my database name.
jdbc.default.url=jdbc:jtds:sqlserver://192.168.0.147:2302/lportal;useNTLMv2=true;domain=mydomain.local
Unless you have some really compelling reason not to, I suggest ditching the MS JDBC driver.
Instead, use the jtds jdbc driver. Read the README.SSO file in the jtds distribution on how to configure for single-sign-on (native authentication) and where to put the native DLL to ensure it can be loaded by the JVM.
I was having issue with connecting to MS SQL 2005 using Windows Authentication. I was able to solve the issue with help from this and other forums. Here is what I did:
Install the JTDS driver
Do not use the "domain= " property in the jdbc:jtds:://[:][/][;=[;...]] string
Install the ntlmauth.dll in c:\windows\system32 directory (registration of the dll was not required) on the web server machine.
Change the logon identity for the Apache Tomcat service to a domain User with access to the SQL database server (it was not necessary for the user to have access to the dbo.master).
My environment:
Windows XP clinet hosting Apache Tomcat 6 with MS SQL 2005 backend on Windows 2003
Using SQL Server Management Studio, I can log on to a local server, the name is:
BOB14630\SQL2012
(named instance of SQL2012 as I have SQL Server 2008 R2 and SQL Server 2012 on the same machine).
It logs in fine.
I also have a webapp and am trying to connect to a database called 'Repserv' on that server and am using a properties file to store the config parameters:
If I say:
dbConnectString=jdbc:jtds:sqlserver://BOB14630/Repserv;instance=SQL2012
it gives:
java.sql.SQLException: Server BOB14630 has no instance named SQL2012
If I say:
dbConnectString=jdbc:jtds:sqlserver://BOB14630\\SQL2012/Repserv
it gives:
java.sql.SQLException: Unknown server host name 'BOB14630\SQL2012'
What is the correct way to specify these parameters to get the web app to connect?
Thanks.
The link in the comment by Berger above gave the solution (the tcp/ip protocol was disabled). After enabling it and changing the connection string to the following, it worked:
dbConnectString=jdbc:jtds:sqlserver://BOB14630/Repserv;instance=SQL2012
I have encountered a problem when setting up a Data Source in Oracle WebLogic Server that is an AS400. When setting it up and testing the connection I get the error message:
"The application requester cannot establish the connection"
When checking on IBMs website I found the following:
What does "The application requester cannot establish the connection"
mean?
The Toolbox JDBC driver uses the system name, user ID, and password
provided in the call to DriverManager.getConnection() to establish a
connection to the IBM i database. If any of these are not provided,
the Toolbox JDBC driver will display a sign-on prompt. If the Toolbox
JDBC driver can not sign on to the system for any reason, it will
throw an SQLException with the message "The application requester
cannot establish the connection". Here is a list of potential causes
for this exception: The system name is incorrect. One way to verify
this is to use ping with the specified system name. If ping fails,
then there is a TCP/IP configuration problem between your client and
the system. The user ID or password is incorrect. The IBM i database
host server is not started. You can start this by running STRHOSTSVR
*DATABASE on the IBM i command line. You can verify if the IBM i database host server is running
using the utilities.JPing application.
(http://www-03.ibm.com/systems/power/software/i/toolbox/faq/jdbc.html#faqC6)
When I ping the server, it fails - which also makes sense. However, when I use just a plain java file that opens a connection, fires an sql and closes the connection like
connection1 = DriverManager.getConnection("server", "user", "password")
Statement statement1 = connection1.createStatement();
ResultSet result1 = statement1.executeQuery("SQLquery")
i get a perfect connection and correct result. How is this possible? How can I connect via WebLogic and ODI?
PS: I already installed the AS400 driver according to this manual