Hi Folks,
I am trying to connect to a Oracle DB using a thin JDBC Driver in a client(a Java Application)
i added below code to my java DB connection program
int level = AnoServices.REQUIRED;
Properties props = new Properties();
props.put("oracle.net.encryption_client", Service.getLevelString(level));
props.put("oracle.net.encryption_types_client", "(RC4_256,RC4_56,RC4_128,RC4_40,3DES168,3DES112)");
props.put("oracle.net.crypto_checksum_client",Service.getLevelString(level));
props.put("oracle.net.crypto_checksum_types_client", "(MD5)");
props.put( "user", "user" );
props.put( "password", "password" );
Connection conn = DriverManager.getConnection("jdbc:oracle:thin:@HOSTNAME:PORT/DB", props);
Using this i am able to connect to DB but when the security tester analyze the network traffic he can see the connection string in plain text.
But the queries going to server and the result coming from server are in encrypted form.
Can anyone plz suggest wat can i do into it, do i need to add few more properties in props?
Do i need to make some configuration in server side as well? Currently in server side all configuration is default ( i.e. ACCEPTED)
Plz help......