Skip to Main Content
Forums

Java Database Connectivity (JDBC)

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

External Authentication on Oracle Database using JDBC driver

843854May 19 2005 — edited Aug 26 2005
Hello,

We have a Java application which requires external authentication (OS authentication). We found from Oracle support that, OS authentication does not work with JDBC OCI driver. Is there any other JDBC driver using which we can achieve external /OS authentication?

Appreciate any help on this.

Thanks and Regards,
Vamsi Mohan Harish

-------------------------------------------------------------------------------------------------------------
Below is the information we have received from Oracle support:
-------------------------------------------------------------------------------------------------------------

Bug No. 3597388
Filed 27-APR-2004 Updated 21-APR-2005
Product JDBC Product Version 10.1.0.2
Platform Solaris Operating System (SPARC 64-bit) Platform Version No Data
Database Version 10.1.0.2 Affects Platforms Generic
Severity Severe Loss of Service Status Development to Q/A
Base Bug N/A Fixed in Product Version 10.2

Problem statement:

OS AUTHENTICATION DOESN'T WORK WITH 10I JDBC OCI DRIVER



*** 04/27/04 03:27 pm ***
Problem Description
--------------------
.
After Ct upgarded to 10i OS Authentication doesn't work with Jdbc. OS
Authentication works fine from sqlplus.
.
10i Jdbc Oci driver throws
.
java OSTest
Connecting using jdbc:oracle:oci:/@
Exception in thread "main" java.sql.SQLException: ORA-01017: invalid
.
The tests fail on UNIX as well as Windows
.
Database version doesn't matter. 10i driver throws the same error when
connecting to 9iR2 or 10i DB.
.
9iR2 driver works fine with OS Authentication when connecting to 9iR2 DB or
10i DB.
.
Jdbc version DB version OS Authentication
------------- ----------- -------------------
10g 10g Fails
10g 9iR2 Fails
9iR2 10g Works
9iR2 9iR2 Works
.
Testcase
=========
.
import java.sql.*;
import oracle.jdbc.driver.*;
.
public class OSTest
{
public static void main (String args []) throws SQLException
{
// Load the Oracle JDBC driver
.
.
// Change the following code line to reflect a valid connection to your
server
.
String str = "jdbc:oracle:oci:/@";
.
System.out.println("Connecting using " + str);
.
Connection conn = DriverManager.getConnection ( str);
.
// Create Oracle DatabaseMetaData object
DatabaseMetaData meta = conn.getMetaData ();
.
// gets driver info:
.
System.out.println("\n=============\nDatabase Product Name is ... " +
meta.getDatabaseProductName());
System.out.println("\nDatabase Product Version is " +
meta.getDatabaseProductVersion());
System.out.println("\n=============\nJDBC Driver Name is ........ " +
meta.getDriverName());
System.out.println("\nJDBC Driver Version is ..... " +
meta.getDriverVersion());
System.out.println("\nJDBC Driver Major Version is " +
meta.getDriverMajorVersion());
System.out.println("\nJDBC Driver Minor Version is " +
meta.getDriverMinorVersion());
System.out.println("\n=============");
}
}
.
.
*** 04/27/04 03:27 pm ***
Setting up Authentication at DB level
----------------------------------------
.
.
SQL> show parameter OS_AUTHENT_PREFIX
.
NAME TYPE VALUE
----------------------------- ----------- -----------------------
os_authent_prefix string ops$
.
SQL> show parameter remote_os_authent
.
NAME TYPE VALUE
------------------------------------ ----------- ----------
remote_os_authent boolean TRUE
.
SQL> create user ops$emrdbms IDENTIFIED EXTERNALLY;
.
SQL> grant create session to ops$emrdbms;
.
Note:- 18088.1 UNIX OS Authentication on Oracle Server
.
Output
======
.
.
[rmtdcsol3]/testcases/kiran> java OSTest
Exception in thread "main" java.sql.SQLException: ORA-01017: invalid
username/pa
.
at java.lang.Throwable.fillInStackTrace(Native Method)
at java.lang.Throwable.fillInStackTrace(Compiled Code)
at java.lang.Throwable.< init>(Compiled Code)
at java.lang.Exception.< init>(Exception.java:42)
at java.sql.SQLException.< init>(SQLException.java:43)
at
oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java
:124)
at
oracle.jdbc.driver.GetCharSetError.processError(T2CConnection.java:30
87)
at
oracle.jdbc.driver.T2CConnection.getCharSetIds(T2CConnection.java:281
0)
at
oracle.jdbc.driver.PhysicalConnection.< init>(PhysicalConnection.java:
343)
at oracle.jdbc.driver.T2CConnection.< init>(T2CConnection.java:135)
at
oracle.jdbc.driver.T2CDriverExtension.getConnection(T2CDriverExtensio
n.java:78)
at java.sql.DriverManager.getConnection(Compiled Code)
at java.sql.DriverManager.getConnection(DriverManager.java:159)
at OSTest.main(OSTest.java:18)
.
-- But sqlplus works fine
.
.
SQL*Plus: Release 10.1.0.2.0 - Production on Tue Apr 27 15:52:03 2004
.
Copyright (c) 1982, 2004, Oracle. All rights reserved.
.
.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.1.0.2.0 - 64bit Production
With the Partitioning, OLAP and Data Mining options
.
SQL> show user
USER is "OPS$EMRDBMS"
.
*** 04/27/04 03:32 pm *** (CHG: Sta->16)
*** 04/28/04 01:13 am *** (CHG: Asg->NEW OWNER)
*** 04/29/04 05:33 am *** (CHG: Asg->NEW OWNER)
*** 04/29/04 05:33 am ***
In oci to make an os authenticated connection you set the username and
pass word to blank and credit to OCI_CRED_EXT. Checking what works and does
not work in JDBC.
.
OCI driver
~~~~~~~~~~
a) DriverManager.getConnection ("jdbc:oracle:oci:/@");
.
b) DriverManager.getConnection ("jdbc:oracle:oci:@");
.
c) DriverManager.getConnection ("jdbc:oracle:oci:@","","");
.
d) DriverManager.getConnection ("jdbc:oracle:oci:@","/","");
This is expected as / is not valid as a username.
.
Reproduced: DBJAVA_MAIN_SOLARIS_040427, 10.1.0.2
Not Reproduced: 9.2.0.5, 9.2.0.4
.
Thin driver
~~~~~~~~~~~
Os authentication does not work in any version. You get:
.
java.sql.SQLException: invalid arguments in call
.
as this feature is supported with the oci driver only.
*** 04/29/04 05:33 am *** (CHG: Asg->NEW OWNER)
*** 04/29/04 07:17 am ***
*** 04/29/04 07:23 am *** (CHG: Confirmed Flag->Y)
*** 04/29/04 07:23 am *** (CHG: Sta->11 Asg->NEW OWNER)
*** 04/29/04 07:23 am ***
*** 04/29/04 08:24 am ***
*** 04/29/04 06:47 pm *** (CHG: Asg->NEW OWNER)
*** 05/04/04 09:40 am *** (CHG: Fixed->10.2)
*** 05/04/04 09:40 am *** (CHG: Sta->80)
*** 05/04/04 09:40 am ***
*** 05/06/04 07:45 am ***
*** 05/06/04 11:03 am ***
*** 05/06/04 11:08 am ***
*** 05/14/04 10:19 am ***
*** 06/22/04 05:04 pm ***
*** 06/24/04 12:58 am ***
*** 06/30/04 09:32 am ***
*** 07/09/04 10:10 am ***
*** 07/12/04 03:41 am ***
*** 07/12/04 03:44 am ***
*** 07/13/04 04:40 am ***
*** 07/14/04 07:21 am ***
*** 07/26/04 05:00 pm ***
*** 07/27/04 02:50 am ***
*** 07/27/04 06:11 am ***
*** 07/27/04 06:11 am ***
*** 07/27/04 01:58 pm ***
*** 08/02/04 06:55 pm ***
*** 08/03/04 02:45 am ***
*** 08/07/04 08:31 am ***
*** 08/13/04 06:37 pm ***
*** 08/19/04 02:01 pm ***
*** 09/02/04 04:36 am ***
*** 09/03/04 10:06 am ***
*** 12/01/04 03:54 pm ***
*** 12/02/04 12:54 pm ***
*** 01/19/05 11:10 am ***
*** 01/19/05 05:24 pm ***
*** 01/19/05 05:28 pm ***
*** 01/19/05 05:31 pm ***
*** 01/25/05 12:39 am ***
*** 02/02/05 02:42 pm ***
*** 02/07/05 05:15 am ***
*** 02/25/05 03:04 pm ***
Note that this problem also applies to any sort of external authentication,
not only OS authenticaion. See bug 4208555.
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Sep 23 2005
Added on May 19 2005
#java-database-connectivity-jdbc
4 comments
541 views