I cannot connect to Microsoft SQL Server v. 2008 in Websphere IIB (formerly, Message Broker) with a JDBC provider.
I've created the provider according to the IBM documentation - Setting up a JDBC provider for type 4 connections and specified a valid security identity.
I've also tried using the latest versions of sqljdbc4.jar and sqljdbc41.jar from Microsoft.
I'm trying to get the connection using:
Connection conn = getJDBCType4Connection(THE_NAME_OF_THE_PROVIDER,JDBC_TransactionType.MB_TRANSACTION_AUTO)
I get the following error trace:
Exception details: message: java.lang.ExceptionInInitializerError stack trace: [java.lang.J9VMInternals.initialize(J9VMInternals.java:259)
javax.crypto.KeyAgreement.getInstance(Unknown Source)
com.ibm.jsse2.lb.g(lb.java:44)
com.ibm.jsse2.lb.a(lb.java:108)
com.ibm.jsse2.l$c_.a(l$c_.java:6)
com.ibm.jsse2.l.a(l.java:80)
com.ibm.jsse2.m.a(m.java:15)
com.ibm.jsse2.m.h(m.java:13)
com.ibm.jsse2.qc.a(qc.java:38)
com.ibm.jsse2.qc.<init>(qc.java:632)
com.ibm.jsse2.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryImpl.java:16)
com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1606)
com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1324)
com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:992)
com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:828)
com.microsoft.sqlserver.jdbc.SQLServerDataSource.getConnectionInternal(SQLServerDataSource.java:629)
com.microsoft.sqlserver.jdbc.SQLServerPooledConnection.createNewConnection(SQLServerPooledConnection.java:60)
com.microsoft.sqlserver.jdbc.SQLServerPooledConnection.<init>(SQLServerPooledConnection.java:42)
com.microsoft.sqlserver.jdbc.SQLServerXAConnection.<init>(SQLServerXAConnection.java:30)
com.microsoft.sqlserver.jdbc.SQLServerXADataSource.getXAConnection(SQLServerXADataSource.java:51)
com.ibm.broker.jdbctype4.jdbcdbasemgr.JDBCType4Connection.createXAConnection(JDBCType4Connection.java:244)
com.ibm.broker.jdbctype4.jdbcdbasemgr.JDBCType4DatabaseManager.getThreadOwnedConnections(JDBCType4DatabaseManager.java:308)
com.ibm.broker.jdbctype4.localtrxn.JDBCType4SinglePhaseTrxnHandler.getConnection(JDBCType4SinglePhaseTrxnHandler.java:262)
com.ibm.broker.jdbctype4.localtrxn.JDBCType4SinglePhaseTrxnHandler.getConnection(JDBCType4SinglePhaseTrxnHandler.java:154)
com.ibm.broker.jdbctype4.connfact.JDBCType4ConnectionFactory.getConnection(JDBCType4ConnectionFactory.java:163)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:94)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
java.lang.reflect.Method.invoke(Method.java:619)
com.ibm.broker.plugin.MbNode.getJDBCType4Connection(MbNode.java:1575)
ru.cinimex.fr2back.FR2BACK_DB_InsertMessage_JavaCompute.fillInCache(FR2BACK_DB_InsertMessage_JavaCompute.java:115)
ru.cinimex.fr2back.FR2BACK_DB_InsertMessage_JavaCompute.createCache(FR2BACK_DB_InsertMessage_JavaCompute.java:102)
ru.cinimex.fr2back.FR2BACK_DB_InsertMessage_JavaCompute.evaluate(FR2BACK_DB_InsertMessage_JavaCompute.java:38)
com.ibm.broker.javacompute.MbRuntimeJavaComputeNode.evaluate(MbRuntimeJavaComputeNode.java:339)
com.ibm.broker.plugin.MbNode.evaluate(MbNode.java:1491)
I think the SQL server driver is trying to use SSL which comes into a conflict with IBM's Java. Is there a way to prevent it from using SSL at all?
When I'm doing the same thing with an Oracle database, everything works well.
It's a requirement to use JDBC and not IIB's native ODBC drivers.
If you want to disable the Microsoft JDBC Driver's use of SSL, it should be possible to do so by setting the "encrypt" data source property to a value of false.
https://msdn.microsoft.com/en-us/library/bb879920%28v=sql.110%29.aspx
The above would apply if you were programmatically creating & configuring the data source. In the case where there is intermediate code handling that, it's likely there would be somewhere to specify name/value pairs of data source properties, for example, in data source configuration or on an API that you are using. Is there anywhere that you have the opportunity to do that? If this were a WebSphere Application Server data source, it would either be in data source custom properties (traditional) or properties.microsoft.sqlserver element nested under dataSource in server.xml (Liberty).
Related
We are in the process of upgrading our database version from DB2 11.1.3 to DB2 11.5.6. We have been using Flyway for 4 years for migrating our code. The version we are using is 5.1.3 and it is working well, except it throws a warning the DB2 11.5 is not supported.
I have downloaded and tried to use Flyway 7.13.0 and 7.15.0 in our process but they both throw the following error
ERROR: Unable to obtain connection from database (jdbc:db2://VAN-FCALLANDER:50000/TMLCLCUR:retrieveMessagesFromServerOnGetMessage=true;) for user 'TMWIN': [jcc][10214][10050][4.29.24] java.util.Properties object passed to java.sql.Driver.connect() cannot be overridden by URL: jdbc:db2://VAN-FCALLANDER:50000/TMLCLCUR:retrieveMessagesFromServerOnGetMessage=true;. ERRORCODE=-4461, SQLSTATE=42815
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
SQL State : 42815
Error Code : -4461
Message : [jcc][10214][10050][4.29.24] java.util.Properties object passed to java.sql.Driver.connect() cannot be overridden by URL: jdbc:db2://VAN-FCALLANDER:50000/TMLCLCUR:retrieveMessagesFromServerOnGetMessage=true;. ERRORCODE=-4461, SQLSTATE=42815
Caused by: com.ibm.db2.jcc.am.SqlSyntaxErrorException: [jcc][10214][10050][4.29.24] java.util.Properties object passed to java.sql.Driver.connect() cannot be overridden by URL: jdbc:db2://VAN-FCALLANDER:50000/TMLCLCUR:retrieveMessagesFromServerOnGetMessage=true;. ERRORCODE=-4461, SQLSTATE=42815
According to IBM, the error being returned is from the way the parameter is set by Flyway. https://www.ibm.com/docs/en/db2/11.5?topic=errors-errorcode-4461
I have tried using both the 11.1 (type3) driver and the 11.5 (type4) driver and both are throwing the same message.
Any idea how to get around this without updating the actual Flyway code the way IBM suggests?
Looks like the Flyway code may need some change.
Check their issues page and open a ticket if a ticket does not already exist there.
Otherwise there are possible workarounds for now.
In your specific case, the attribute appended to the URL triggers the exception so you can try:
(1) Change the flyway.url to remove :retrieveMessagesFromServerOnGetMessage=true
(2) Change the flyway config to supply this property via the fltway.jdbcProperties (or equivalent method) if that is enabled in your flyway version: flyway.jdbcProperties.retrieveMessagesFromServerOnGetMessage=true . See docs
https://flywaydb.org/documentation/configuration/parameters/jdbcProperties
or
(3) externally configure the connection property that you need via the IBM db2dsdriver.cfg. See the IBM Db2 documentation for details. The idea is that you can put all (or some of) the Data Source Name details and parameters into an XML file (db2dsdriver.cfg) and the Db2 driver will parse that at runtime to carry out your instructions.
or
(4) remove the property from the URL and suffer the absence of detailed messages on errors until the flyway code gets fixed.
I have been using Oracle cloud PAAS linux server for my DB machine (Oracle 11g) and having linux application server where i can run all my Java applications.
Assume i have spring based web application which can connect cloud DB machine. I have tried to access the schema in Toad for oracle, it is working as expected but when i try to hit the DB for retrieving the data from application it gives below error.
java.sql.SQLException: Io exception: Oracle Error ORA-12650
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112)
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:146)
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:255)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:387)
at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:420)
at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:165)
at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:35)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:801)
at java.sql.DriverManager.getConnection(DriverManager.java:582)
at java.sql.DriverManager.getConnection(DriverManager.java:154)
at GetConnection.main(GetConnection.java:35)
I have also tried to extend the service access from SID to service name in DB machine. Still give same error. Same code works fine in another cloud machine, which was set by us. But this cloud machine was done by oracle team and most of the things are by default.
Please share your suggestion to fix this issue.
This issue is because of Oracle DB machine encryption ENCRYPTION_SERVER settings. As i understood which is default and set it to enabled, when we set it to disabled or comment the line then application will work as expected. Below is the file name for reference,
Filename : sqlnet.ora (We have to disable ENCRYPTION_SERVER settings)
File Location : ../oracle/product/11.2.0/dbhome_1/network/admin
Hope this helps some one.!
It did not help me at all. Actually I followed your solution and I ended up having another error more critical and serious than the one trying to solve.
Let me explain. First of all the value "disabled" that you mentioned is not even an accepted value for this parameter. According to Oracle (Oracle Docs) these are the accepted values that anyone can use:
SQLNET.ENCRYPTION_SERVER
Purpose
To turn encryption on for the database server.
Default
accepted
Values
accepted: to enable the security service if required or requested by the other side.
rejected: to disable the security service, even if the required by the other side.
requested: to enable the security service if the other side allows it.
required: to enable the security service and disallow the connection if the other side is not enabled for the security service.
Example
SQLNET.ENCRYPTION_SERVER=accepted
In my case being a 12c Oracle Cloud database the default was set to "required" giving me the error "Io exception: Oracle Error ORA-12650" when trying to start my application.
Setting the parameter to "accepted" solved the issue and managed to start my application.
In case you still get the error you can also set the following parameter to accepted:
SQLNET.CRYPTO_CHECKSUM_SERVER = accepted
if you see that in your sqlnet.ora the value is set to "required".
Please have in mind that my application as well as my OCI setup are for testing purposes only and they are not intended to be used in production environment. Setting the value of SQLNET.ENCRYPTION_SERVER and SQLNET.CRYPTO_CHECKSUM_SERVER to "accepted" will significantly lower your Database's security making it vulnerable to any attacks from any application that has access to it. The best case scenario is to modify your application to use the ENCRYPTION as "required".
Downgrading the OJDBC jar to version7 also works - Replace higher version(ojdbc14.jar was the culprit in my case) with ojdbc7.jar in your dependency files
I'm interested in generating the Oracle network trace file using the Oracle JDBC thin client. In particular, I'm interested in the details of the network encryption negotiation and validating the specific algorithm being used for the connection.
From other Oracle clients, such as SQL*Plus, this is accomplished by updating the $ORACLE_HOME/network/admin/sqlnet.ora file with the following content:
DIAG_ADR_ENABLED=off
TRACE_DIRECTORY_CLIENT=/tmp
TRACE_FILE_CLIENT=nettrace
TRACE_LEVEL_CLIENT=16
This produces a trace file that contains all the details I'm interested, e.g.
(2017502720) [09-MAR-2017 13:43:25:133] na_tns: Authentication is not active
(2017502720) [09-MAR-2017 13:43:25:133] na_tns: Encryption is active, using AES256
(2017502720) [09-MAR-2017 13:43:25:133] na_tns: Crypto-checksumming is active, using SHA1
I'd like to accomplish the same thing from my Java application.
I've already enabled Oracle tracing in my app by doing the following:
including the ojdbc7_g.jar on the classpath
creating a logging.properties file with oracle.level = ALL
specifying the following system properties: -Doracle.jdbc.Trace=true -Djava.util.logging.config.file=/path/to/logging.properties
This provides detailed Oracle jdbc logging, including some oracle.net log messages, but does not contain the same detailed content as the tracing configured in sqlnet.ora (specifically, for example, I can't see which encryption algorithm is being used).
How can I get this detailed net tracing from my Oracle JDBC application? Are there any corresponding thin client connection properties that can be provided to my OracleDataSource (I didn't notice any related oracle.jdbc.OracleConnection constants, which is where I set some other properties that are typically specified in sqlnet.ora)?
It is an old whitepaper, but maybe it is still possible to enable it for the thin client like this:
https://www.oracle.com/technetwork/database/enterprise-edition/11-2.pdf
[..]
Not all issues can be resolved by looking at the JDBC logging messages. For some it is helpful tolook at the network packets the driver exchanges with the server. The OCI C library has anetwork trace mode that provides this information. This is well documented and can be found in the OCI documentation. The Thin driver does not use the OCI C library so that does not help when you are using the Thin driver. Beginning with Oracle Database Release 11.2, the OracleJDBC Thin driver include a network trace capability. Like all other JDBC logging, it uses java.util.logging.In order to generate network level trace information add the following line to your config file:oracle.net.ns.level = FINEST
[..]
Using jtds 1.2.5 I have this error when I stablish a connection: "No message resource found for message property prop.sokeepalive"
At first, I was using 1.2.2 version but I have this error message. "Error getting jdbc connection: The USE database statement failed because the database collation Serbian_Latin_100_CI_AS is not recognized by older client drivers. Try upgrading the client operating system or applying a service update to the database client software, or use a different collation. See SQL Server Books Online for more information on changing collations."
As solution, I tried to use 1.2.5 version getting the error mentioned at the beggining.
I was looking for hints in jtds documentation, but I can not resolve the problem.
any ideas?
Thanks in advance.
Try running client JVM with -Duser.language=en -Duser.region=US -Duser.country=US options.
This would switch to everywhere-supported US locale.
Maybe this easy solution would be acceptable in your case.
At least, this would reveal if the problem is in lack of i18n messages resource bundle for current locale in jtds package, as I guess.
Update
Try to just copy jtds.jar/net/sourceforge/jtds/jdbc/Messages.properties and add it to classpath or right inside jtds.jar as net/sourceforge/jtds/jdbc/Messages_sr_RS.properties.
Some explaining links:
Message bundle choosing process
net.sourceforge.jtds.jdbc.Messages source
http://www.localeplanet.com/java/sr-RS/
Update 2
Message bundle choosing process should switch to default provided resource anyway.
My second guess is that Messages.properties of jtds package gets eclipsed by some unrelated file with the same name.
Check your classpath.
You should be able to debug net.sourceforge.jtds.jdbc.Messages in order to find what's happening on for sure.
I have tried other jtds versions. from 1.2.2 yo 1.3.1 (recompiled to java 1.6) and all of them has the same error.
"Error getting jdbc connection: The USE database statement failed because the database collation Serbian_Latin_100_CI_AS is not recognized by older client drivers. Try upgrading the client operating system or applying a service update to the database client software, or use a different collation. See SQL Server Books Online for more information on changing collations."
Perhaps jdts does not support this collation.
I am trying to connect to a db2 database in Java. Below the driver and the connection string and the driver details i am giving
Class.forName("COM.ibm.db2.jdbc.net.DB2Driver");
String url="jdbc:db2://hostname:portnumber/databasename";
sourceConnection=DriverManager.getConnection(url,"username","password");
But I am getting the below exception
"COM.ibm.db2.jdbc.DB2Exception: [IBM][JDBC Driver] CLI0615E Error receiving from socket, server is not responding. SQLSTATE=08S01"
I also tried changing the connection string to
String url="jdbc:db2:hostname:portnumber/databasename";
Still it is resulting the same exception above while trying to get the Connection.
And i have tried the below option also using JDBC app driver
Class.forName("COM.ibm.db2.jdbc.app.DB2Driver");
DB2DataSource db2ds = new DB2DataSource();
db2ds.setServerName("hostname");
db2ds.setPortNumber(portnumber);
db2ds.setDatabaseName("databasename");
db2ds.setUser("username");
db2ds.setPassword("password");
sourceConnection=db2ds.getConnection();
For the above two connection I used the jar "db2java.jar"
And i have tried using the JCC driver:
Class.forName("com.ibm.db2.jcc.DB2Driver");
String url="jdbc:db2://hostname:portnumber/databasename";
sourceConnection=DriverManager.getConnection(url,"username","password");
For this connection i have added the below jars
1)db2jcc.jar
2)db2jcc_license_cu.jar
This time around I am getting the below error,
"com.ibm.db2.jcc.am.go: [jcc][t4][201][11237][3.57.82] Connection authorization failure occurred.
Reason: Security mechanism not supported. ERRORCODE=-4214, SQLSTATE=28000"
I tried to connect to the same db2 source using "Quest for DB2" tool and the connection was successful.
Am i missing something in the code and is it a problem with DB2 drivers or connection string?
Can someone please guide me.
Thanks in advance.
Cause:
If the DB2® instance where InfoSphere Optim Performance Manager is running has the authentication configuration parameter set to DATA_ENCRYPT, you cannot log in to the web console.
Resolving the problem:
Do the following steps:
On the DB2 instance where Optim Performance Manager is running, set the authentication configuration parameter to SERVER by issuing the following command:
db2 update dbm cfg using authentication server
Restart the DB2 instance and InfoSphere Optim Performance Manager.
For more details visit here.
Your first two attempts were not supposed to work. You're using the JCC driver URL format, so it wouldn't be valid for either "net" or "app" drivers, which are deprecated anyway.
Use the JCC driver (com.ibm.db2.jcc.DB2Driver) and the URL format of "jdbc:db2://hostname:portnumber/databasename" and see this technote for the solution to the "Security mechanism not supported" problem. In short, you need to use a supported JDK.