I have a question regarding connecting my Java program to my Mysql database.
I watched a video which creates a method that can connect to my database and has the form:
enter code here
public static Connection getConnection() throws Exception{
try{
String driver = "....";
String url = "....";
String username ="....";
String password = "....";
Class.forName(driver);
Connection conn = DriverManager.getConnection(url,username,password);
return conn;
}
catch(Exception e){System.out.println("Connection failed ");}
return null;
When executing this method in each function (such as deleting an entry or adding), I always receive the message: "Sat Nov 05 12:04:49 CET 2016 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification."
How can I stop this error message and fix the above problem? Even though this message is shown, I can still work with the database, however, I want to get rid of the message because it harms the User interface (looks ugly and always gets repeated each time I connect to the database).
I know little about eclipse and MySQL. As a result, I don't know the terms use above.
Could anyone aid me on what to do in order to hide or remove the above message?
Thanks :)
This problem comes when you are trying to make SSL connection with the databse and you can avoid this warning by using the connection url:
jdbc:mysql://yourhost:port/dbname?useSSL=false
You can refer here for mysql jdbc connection properties.
Related
Based on oracle document, I create a wallet
mkstore -wrl /tmp/wl -create
Add a credential
mkstore -wrl /tmp/wl -createCredential localhost:1521/myservice user pass
In my java application, I want to connect to the database via this wallet
public static void main(String... args) throws Exception {
Class.forName("oracle.jdbc.driver.OracleDriver");
System.setProperty("oracle.net.wallet_location", "/tmp/wl");
Connection connection = DriverManager.getConnection("WHAT TO PUT HERE?");
}
But I don't know how to fill the connection string.
I would like NOT to use tnsnames.ora
Thanks
In my experience, use of tnsnames.ora was required when using a wallet for authentication, even for JDBC Thin connections. The connection alias in tnsnames.ora is matched to the connection alias in the wallet to provide the correct credential for a given connection.
That said, the latest documentation seems to say that you can enter a connection string along the lines of myhost:1521/myservice or (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost-scan)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=myservice))) as the db_connect_string parameter in the wallet. This would presumably negate the need for tnsnames.ora, as long as your connection URL after the "#" matched the db_connect_string in the wallet.
You connection URL then looks something like this:
jdbc:oracle:thin:#myhost:1521/myservice
You can pass wallet related connection properties as part of the connection URL. You can skip using tnsnames.ora.
See JDBC developer's guide for some examples.
public Connection getConnection()throws Exception {
String url = "jdbc:sqlserver://localhost:1433;databaseName=PRJ311;integratedSecurity=true;";
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
return DriverManager.getConnection(url, userID, password);
}
So basically I have just installed ms sql server 2017 and I used default settings for developer. Do I need a username and password? And if it's needed, how can I get it? I have been googling the whole night so hopefully someone can help. Thanks!\n
P/s: My program is stuck and even though I use try-catch blocks, it prints out no error at all!
The connection name specified by sql server is: localhost\MSSQLSERVER01 (DESKTOP-TG6LRB4\emsnguyen)
I am using Maria JDBC driver for creating a connection to Amazon Aurora DB
I wanted to create a secured connection so I read here
To connect to a DB cluster with SSL using the MySQL utility
Download the public key for the Amazon RDS signing certificate from
https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem.
Note that this will download a file named rds-combined-ca-bundle.pem.
First Question: How exactly is it secured - anyone can download this pem file from Amazon AWS?
I did some research How should i connect into Aurora DB with public key
and i found these 2 links First, Second
So my Code is quite Simple:
Class.forName("org.mariadb.jdbc.Driver");
Properties prop = new Properties();
prop.setProperty("javax.net.ssl.trustStore","C:\\temp\\rds-combined-ca-bundle.pem");
prop.setProperty("user",jdbcDetails.username);
prop.setProperty("password",jdbcDetails.getSensitiveData());
java.sql.Connection conne = DriverManager.getConnection(jdbcDetails.connectionString, prop);
try (Statement stmt1 = conne.createStatement()) {
// Execute all but the rest
ResultSet rs = stmt1.executeQuery("Select 98765 from dual limit 2");
while(rs.next()) {
rs.getLong(1);
}
}
conne.close();
Second Question: How is having the public key file relate to Encryption?
The above information doesn't get along with Oracle Java information that says:
If the client wants to authenticate the server, then the client's trust store must contain the server's certificate
Third Question: From what I understand if the client trust the server it doesn't require him to use this file
Forth Question: I was checking the connection creation with Wireshark
both cases with and without this public key file i was able to create a connection and both cases in Wireshark appeared Encrypted
Something that looks like that:
Encrypted Application Data:
eb:62:45:fb:10:50:f7:8c............:b9:0a:52:e7:97:1d:34
Base on this answer I understand about public key usage:
First,
It appears that Amazon AWS Azure documentation is misleading a bit - it is only relevant for connection with specific tool called MySQL utility
An answer for First & Second & third Question:
"Java can definitely establish an SSL connection without a client
validating the certificate chain of the server."
the key exchange is made to ensure that the server that it's connected to is indeed the one it was expecting (i.e non-suspicious server)
This means that it's still the same SSL connection made, but with verifyServerCertificate=false it does not verify that it is the intended server
Answer Forth Question:
Currect, The code is in Java - and passing the SSL parameter make it encrypted.
So using these parameter gives what requires
?trustServerCertificate=true&useSSL=true&requireSSL=true&verifyServerCertificate=false
I'm writing a program that does some stuff on the database. Users are allowed to configure db processes, by passing db host port, type and credentials. It all works fine when values are correct. But when user passes invalid credentials I would like to show an error. So here is the part where I create my connection pool
ComboPooledDataSource cpds = new ComboPooledDataSource();
cpds.setJdbcUrl( connectionUrl );
cpds.setUser(username);
cpds.setPassword(password);
And later to verify if all is ok with the connection I do
cpds.getConnection()
I would expect to get some SQLException with vendor specific error saying that credentials are invalid (which happens when you use typical DriverManager way of getting the connection), but instead the process waits until a connection checkout exception is thrown
java.sql.SQLException: An attempt by a client to checkout a Connection has timed out.
at com.mchange.v2.sql.SqlUtils.toSQLException(SqlUtils.java:118)
at com.mchange.v2.sql.SqlUtils.toSQLException(SqlUtils.java:77)
at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutPooledConnection(C3P0PooledConnectionPool.java:690)
....
Caused by: com.mchange.v2.resourcepool.TimeoutException: A client timed out while waiting to acquire a resource from com.mchange.v2.resourcepool.BasicResourcePool#20014b8 -- timeout at awaitAvailable()
at com.mchange.v2.resourcepool.BasicResourcePool.awaitAvailable(BasicResourcePool.java:1467)
at com.mchange.v2.resourcepool.BasicResourcePool.prelimCheckoutResource(BasicResourcePool.java:644)
at com.mchange.v2.resourcepool.BasicResourcePool.checkoutResource(BasicResourcePool.java:554)
at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutAndMarkConnectionInUse(C3P0PooledConnectionPool.java:758)
at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutPooledConnection(C3P0PooledConnectionPool.java:685)
... 66 more
How can I identify that there is a invalid credential issue with c3p0?
Your best way to validate provided credentials/JDBC params is to avoid connection pool at all.
Open dedicated connection just for this purpose and try to execute simplest SQL against new connection (eg SELECT 1 or similar).
After success, you can pass them to C3P0 otherwise propagate error back to user.
JDBC providers are free to create whatever error/exception messages they want. So you need to be ready to parse the error message of each provider in order to make sense of what is happening.
You can also try to get information from exception types if the JDBC provider segregates errors in separate types.
As a side note, giving too much information regarding why the connection failed may be considered a security breach. So one should not expect the JDBC driver to give you such information. For instance, why would any database collaborate with invasion attempts by saying "the username is correct, but the password is not."?
I already have the connection string and DBA username. I accept DBA password from the user.
To check if the password provided by him is correct, I try to create a connection using
String connString = "jdbc:oracle:thin:#" + connDesc;
Properties props = new Properties();
props.put("user", user);
props.put("password", pwd);
props.put("internal_logon", "sysdba");
Class.forName("oracle.jdbc.OracleDriver").newInstance();
Connection conn = DriverManager.getConnection(connString, props);
Now when it throws SQLException I need to find if that exception is because of wrong password or network timeout. Is there any way to do that?
Also, is there any better way to validate password than what I'm currently doing?
You can use the SQLException.getErrorCode() method to read the Oracle-specific error code for the error.
For an invalid username/password combination, the error code is 1017.
It's not clear to me exactly what error you mean by 'network timeout'. If the message is The Network Adapter could not establish the connection, then the error code you want appears to be 17002. (I got this error attempting to connect to my local Oracle XE instance using JDBC but with the TNS listener shut down.)
There isn't a better way of validating a username/password than attempting to create a connection to the database using that username and password.