Oracle FCF OSN Client Side Configuration - java

Good time!
First of all, here is my environment:
Java 1.7
Tomcat 7
Oracle UCP connection pool
Thin JDBC driver
Oracle 10g database with RAC and SCAN (some information)
I need to configure the Oracle FCF feature. There are several articles about it's configuration: Spring documentation (1), complete example (2), ...
I've performed all the steps described in the article (1) and I've also configured a UCP logging where I can see that FCF is actually enabled.
What is confusing for me is the following statement fro the second article:
FAST CONNECTION FAILOVER PREREQUISITES
...
5.) The JVM in which your JDBC instance is running must have
* oracle.ons.oraclehome set to point to your ORACLE_HOME. For example:
*
* -Doracle.ons.oraclehome=C:\oracle\product\10.2.0\db_1
...
Question:
My Oracle database (RAC) is located at a remote server and I use a thin JDBC driver, thus what should I do here (Do I really need to set uop this parameter, and, if yes, than how)? There is no point in the first article about configuring such a JVM parameter, it is only said that I need to set up the 'ONSConfiguration' parameter of a datasource where I should list all the RAC nodes...
UPDATE 1:
Also from the second article:
CLIENT-SIDE ONS CONFIGURATION
...
(2) ONS daemon on the client side
Example ons.config file for a client:
...
At the beginning of this article it is said that the 'client-side' is a java-based application, while the 'server-side' is a database (RAC). It is really required to creare the 'ons.config' file on a java-based-application-side in case of using a thin JDBC driver?
UDPADE 2:
From the Oracle documentation:
Remote Configuration
UCP for JDBC supports remote configuration of ONS through the SetONSConfiguration pool property. The ONS property value is a string that closely resembles the content of an ons.config file. The string contains a list of name=value pairs separated by a new line character (\n). The name can be: nodes, walletfile, or walletpassword. The parameter string should at least specify the ONS configuration nodes attribute as a list of host:port pairs separated by a comma. SSL would be used when the walletfile attribute is specified as an Oracle wallet file.
Applications that use remote configuration must set the oracle.ons.oraclehome system property to the location of ORACLE_HOME before starting the application. For example: java -Doracle.ons.oraclehome=$ORACLE_HOME ...
But how can I set the ORACLE_HOME variable when I have no local installation of Oracle database, that is what the thin driver is about, right?

If you want only use UCP pool , then you just need this setup :
PoolDataSource pds = PoolDataSourceFactory.getPoolDataSource();
pds.setONSConfiguration("nodes=10.247.43.111:4500, 10.247.43.112:4500");
pds.setFastConnectionFailoverEnabled(true);
where "nodes=10.247.43.111:4500, 10.247.43.112:4500" is list of ons listerers
10.247.43.111:4500 - remote ons listerner on node1
10.247.43.112:4500 - remote ons listerner on node2
etc.
see this good example:
http://www.idevelopment.info/data/Programming/java/jdbc/High_Availability/FastConnectionFailoverExampleThin.java
and this http://docs.oracle.com/cd/B19306_01/java.102/b14355/fstconfo.htm#CEGGDDFJ
ORACLE_HOME needed for local ONS demon connection.

Related

jdbc URL to connect to Impala using keytab file

I am trying to connect to Impala using keytab file but I didn't find exact URL to connect with keytab. I have gone through Cloudera documentation, but it does not mention using keytab file with principal to connect to Impala. What will be the JDBC URL to connect to Impala using keytab file?
As described in the User Guide, section "Using Kerberos", Impala JDBC driver supports three methods of getting Kerberos Subject:
...The driver tries to obtain the Subject from the current thread's inherited AccessControlContext. If the AccessControlContext contains
multiple Subjects, the driver uses the most recent Subject.
The driver checks the java.security.auth.login.config system property for a JAAS configuration. If a JAAS configuration is
specified, the driver uses that information to create a LoginContext
and then uses the Subject associated with it.
The driver checks the KRB5_CONFIG and KRB5CCNAME system environment variables for a Kerberos ticket cache. The driver uses the information
from the cache to create a LoginContext and then uses the Subject
associated with it.
You can control which method driver will be using via KrbAuthType parameter in connection URL, otherwise it will try each method one by one.
So, all you should do to use keytab file (method# 2) is
create a jaas.conf file specifying keytab location, principal, etc.
set system property java.security.auth.login.config in your program (or use
JVM startup argument -Djava.security.auth.login.config=</some-path-to/jaas.conf>) pointing to the location of that jaas.conf, and
in your JDBC connection URL, set ...AuthMech=1;KrbRealm=<YOUR-REALM.COM>;KrbHostFQDN=your.impalad.host.com;KrbServiceName=<impala-service-principal> for Kerberos authentication
...before trying to connect.
Alternatively, kinit using your keytab so that ticket cache contains necessary TGT before calling your Java application (essentially, use method 3 above).

Connect To SQL Server With Windows Authentication From A Linux Machine Through JDBC

I want to be able to connect to a SQL Server using jdbc and windows authentication.
I saw some answers on the internet saying i should add the following property to the connection string:
integratedSecurity=true;
And also add
sqljdbc_auth.dll
To the java path.
But this, as far as i understand applies only when i'm connecting from a Windows machine.
When i try this on a Linux machine i get:
java.sql.SQLException: This driver is not configured for integrated authentication
My question is how do I do it from a Linux machine.
Thanks
Well, eventually I answer my own question:
This is not possible to use Windows authentication from a linux machine using the Microsoft JDBC driver.
This is possible using the jTDS JDBC driver using the following connection string:
jdbc:jtds:sqlserver://host:port;databaseName=dbname;domain=domainName;useNTLMv2=true;
Thank you all for all the comments
TL;DR
It is not possible to use native Windows Authentication for JDBC connections to MSSQL from a JVM running on Linux.
This MSDN article explains the authentiation methods with JDBC on Linux, potential errors, and available options:
https://blogs.msdn.microsoft.com/psssql/2015/01/09/jdbc-this-driver-is-not-configured-for-integrated-authentication/
...in the JDBC 4.0 driver, you can use the authenticationScheme
connection property to indicate how you want to use Kerberos to
connect to SQL. There are two settings here.
NativeAuthentication (default) – This uses the sqljdbc_auth.dll and is specific to the Windows platform. This was the only option
prior to the JDBC 4.0 driver.
JavaKerberos – Makes use of the Java API’s to invoke kerberos and does not rely on the Windows Platform. This is java specific and not
bound to the underlying operating system, so this can be used on both
Windows and Linux platforms.
...
The following document outlines how to use Kerberos with the JDBC
Driver and walks through what is needed to get JavaKerberos working
properly.
Using Kerberos Integrated Authentication to Connect to SQL Server
http://msdn.microsoft.com/en-us/library/gg558122%28v=sql.110%29.aspx
For those who are using DBeaver the way to connect to the SQL Server Database is:
In order to connect to the SQL Server from Linux Debian using DBeaver
1.- Select SQL Server jTDS driver
2.- Enter the connection information
3.- Go to Driver Properties tab and add the domain, user, password
Just as a note, in some post I found that they needed to change the property USENTLMV2 to TRUE but it worked for me either by putting the USERTLNMV2 in true or false.
A problem that I found was that when I was trying to connect to the database using my user and password the next error was thrown:
Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
This error was thrown because of my user was about to expire. I tried with another AD user and it could connect.
I know this is kind of an older topic but in case Google sends people here:
There are two main JDBC drivers for SQL Server. One is from Microsoft and the other from jTDS. jTDS can, amazingly, connect using Windows auth (NTLM) from other platforms, including Linux, as described here: http://jtds.sourceforge.net/faq.html#windowsAuth. It can, of course, also use SQL-authenticated logins. SQL-authenticated logins are no harder to use from any OS than any other, so don't forget about those an option.
The version provided by Microsoft is the one from which #mjn provided a quote from the documentation. It is able to connect using Windows authentication by specifying integratedSecurity=true, authenticationScheme=javaKerberos, and authentication=NotSpecified.
It is tricky to get this working even if you don't go out of your way to find more confusion, so always keep in mind which driver you are using - and tell us in these posts so that you can get more specific help.
This JDBC URL is validated to work with latest Microsoft SQL Server JDBC driver:
jdbc:sqlserver://[server]:[port];database=[db\;trustServerCertificate=true;integratedSecurity=true;user=[user without domain];password=[pw];authenticationScheme=NTLM;domain=[domain];authentication=NotSpecified
Example:
jdbc:sqlserver://mysql.myorg.com:1433;database=mydb;trustServerCertificate=true;integratedSecurity=true;user=myuser;password=mypwd;authenticationScheme=NTLM;domain=ad.myorg.com;authentication=NotSpecified
I was able to connect to a SQL Server 2016 Data Mart and JDBC connection Microsoft JDBC Driver using Windows Authentication using the following script on a Ubuntu Linux Docker Image running on Windows 10.
# initializes spark session
from pyspark.sql import SparkSession
spark = SparkSession\
.builder\
.master('local[*]')\
.appName('FDM')\
.config("spark.driver.extraClassPath","pyspark_jars/*")\
.config('spark.executor.memory', '4g')\
.config('spark.driver.memory', '16g')\
.config('spark.executor.cores', '4')\
.getOrCreate()
jdbc_url = '''jdbc:sqlserver://SERVER;databaseName=DBNAME;trustServerCertificate=true;integratedSecurity=true;user=USERID;password=PASSWORD;authenticationScheme=NTLM;domain=US;authentication=NotSpecified'''
spark_df = spark.read\
.format("jdbc")\
.option("url", jdbc_url)\
.option("driver","com.microsoft.sqlserver.jdbc.SQLServerDriver")\
.option("query", 'select top(1000) * from SCHEMA.TABLE')\
.option("fetchsize", 100000)\
.load()
spark_df.write.csv('TEST.csv', mode = "overwrite", header=True)

Glassfish - No suitable driver for mysql when trying to connect with datasource

I am trying to complete this tutorial:
https://netbeans.org/kb/docs/javaee/ecommerce/connect-db.html
Part of it is setting up a database and trying to establish a connection using datasource and connection pooling.
I did everything that is in the tutorial but when i try to run my code i get the following error:
javax.servlet.jsp.JspException: Unable to get connection, DataSource invalid: "java.sql.SQLException: No suitable driver found for jdbc/affablebean"
Here is the code that throws it:
<sql:query var = "result" dataSource = "jdbc/affablebean">
SELECT * FROM category, product
WHERE category.id = product.category_id
</sql:query>
I tried to connect to the database without using connection pooling and datasource and it worked like a charm.
try {
Class.forName("com.mysql.jdbc.Driver");
System.out.println("Driver registered");
}
catch (ClassNotFoundException ex) {
Logger.getLogger(SqlService.class.getName()).log(Level.SEVERE, null, ex);
}
That means that the driver is in the right lib folder in the glassfish directory so the problem must be somewhere else.
The tutorial has a troubleshooting section where they describe that if i get this kind of error "No suitable driver found for jdbc/affablebean" that means that i do not have resource reference in my web.xml. Well... I DO HAVE ONE and here it is:
<resource-ref>
<description>Connects to database for AffableBean application</description>
<res-ref-name>jdbc/affablebean</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Shareable</res-sharing-scope>
</resource-ref>
I have been trying to solve this problem 16 hours a day for more than two day but still NO luck.
Do you guys have some idea what is wrong?
I browsed all the google and stackoverflow and found similar problems but the solution they give is "Make sure the mysql driver is in the right folder on the server".
Why do i connect to the database without dataSource object but can not connect with one?
So i found the solution to the exact same problem I was having.
So it appears that the issue was within web.xml not containing a reference to the datasource.
Simply add,
<resource-ref>
<description>AffableBean DataSource</description>
<res-ref-name>jdbc/affablebean</res-ref-name>
<res-type>javax.sql.ConnectionPoolDataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
to your web.xml file and save and run file(right click inside the file and press "Run File").
Afterwards you should see the database tab pop up in your browser of choice.
I had same error,
the problem is on when you set resource-type:
Resource Type: javax.sql.ConnectionPoolDataSource
try using:
Resource Type:=javax.sql.DataSource
thats strange in tutorial text is (the problem):
Click Next. In Step 5, Add Connection Pool Properties, specify the
following details: Datasource Classname:
com.mysql.jdbc.jdbc2.optional.MysqlDataSource Resource Type:
javax.sql.ConnectionPoolDataSource Description: (Optional) Connects to
the affablebean database
but on screenshot is correct.
I had several issues with this
https://netbeans.org/kb/docs/javaee/ecommerce/connect-db.html
part of ecommerce tutorial.
First problem (no suitable driver fourd) appeared due to improper jdbc resource creation -
i used 'new file \ glassfish \ jdbc connection pool'
instead of 'new file \ glassfish \ jdbc resource'.
Redoing this step registered driver correctly and created pool
(was indicated in glassfish servel log that mysql driver did register on server instance).
After that i couldn't get data via testDataSource.jsp - error was org.apache.derby.client.am.SqlException: Table/View 'CATEGORY' does not exist.
I couldn't figure out why org.apache.derby.client was even mentioned and
after some lookup found discussion on netbeans forum:
https://forums.netbeans.org/ntopic61746.html
This part of discussion was solution for my case:
try to change in step setup file sun-resources.xml or glassfish-resources.xml
Setting up a JDBC data source and connection pool
at step 6 -> change Resource Type to javax.sql.ConnectionPoolDataSource
and change in step setup file web.xml
Referencing the data source from the application
at step 4 -> change Resource Type to javax.sql.ConnectionPoolDataSource
p.s. i'm using netbeans 8.0.2, glassfish 4.1 and jdk1.7.0_21.
There was no javax.sql.ConnectionPoolDataSource option in Netbeans'
interface for 'edit resource reference \ resource type' combobox for web.xml.
So i put this value there manually.
After a very tiresome research, having checked servers tomcat, wildfly,and Jboss, none seemed to work,I had problem with registering new datasource with glassfish, adding new jdbc connectionpool would throw java.lang.runtimeexception, the workaround for this issue was to reconfigure DerbyPool under jdbcconnection pools in admin console and feeding it with required Datasource Classname, url,username,and password to point it the database on mysql server.and it did work.
I think you did not add Mysql JDBC Driver in your project libraries.
Add manually Mysql JDBC Driver in your project libraries and try again.
I think it will work.
I have the exactly problem, and even thru Netbeans IDE, the DB connection test is fine while in Glassfish 4, it is not working, try all possible like include lib in project, put here and there. Finally the problem is fixed by remove Glassfish and install Glassfish 3.1.2.2, the project files is exactly same and working fine. Guess this is a bug or specail setting may needed in Glassfish 4.
I had the same issue. The last 4 hours I was looking for a solution and it was so easy for me...
Make sure the "Status" in JDBC Resource (at Glassfish Admin Console) is Enabled (checkbox is checked) :-(
Same problem here. I spent hours with this, tried some of the solutions offered here, and only one got me a step further: changing the Resource Type from "javax.sql.ConnectionPoolDataSource" to "javax.sql.DataSource.
I immediately stumbled upon the next problem: the table "category" didn't exist. It actually does exist.
I gave up on glassfish (this was my first time trying to use glassfish) and went back to Tomcat. Succes! So I decided it might be helpful to point people to another possible solution that worked for me.
For those who are interested in the Tomcat solution, visit this page http://tomcat.apache.org/tomcat-8.0-doc/jndi-datasource-examples-howto.html#MySQL_DBCP_Example. Very clear explanation with an example. And don't forget to add the JSTL library to your project.
Good luck.

GlassFish Server does not connect to SQL database (error w.r.t. SQL driver)

I am using a brand new developing pc and need to test a personal application that runs on a local GlassFish server 3.1.2 and should connect with a local SQL database called 'funkOneDB' (my IDE is NetBeans 7.2.1). But I can't get the GlassFish server to connect with the database, and the problem seems to be related to the (place of the) SQL driver in the GlassFish Server's directories (more problem specifics in a few lines).
I am fairly certain I correctly set up the related JDBC Resource and Connection Pool on the GlassFish Server (as I mimic a set-up already existing and working properly on another developing pc).
The Resource specifics are:
jndi name: jdbc/FunkResource
pool name: FunkPool
The (most important) Pool specifics are:
pool name: FunkPool
resource type: javax.sql.Datasource
datasource classname: com.mysql.jdbc.jdbc2.optional.MysqlDataSource
additional properties correspond to the specifics in the XML GlassFish-resources of the application (username, password, url, etc.; no problems there)
I first placed the necessary SQL driver in the GlassFish Server's directories, i.e. the file mysql-connector-java-5.1.18-bin.jar at ..\GlassFish3\GlassFish\domains\domain1\lib\ext.
Yet, when I perform a ping test from the JDBC Pool 'FunkPool' at the GlassFish server, I get the following error:
Ping Connection Pool failed for FunkPool. WEB9031: WebappClassLoader unable to load resource [com.mysql.jdbc.SQLError], because it has not yet been started, or was already stopped Please check the server.log for more details.
In the server.log I only find the following extra logging exception and failure info:
(i) Exception while creating an unpooled [test] connection for pool [ FunkPool ], WEB9031: WebappClassLoader unable to load resource [com.mysql.jdbc.SQLError], because it has not yet been started, or was already stopped
(ii) RestResponse.getResponse() gives FAILURE. endpoint = 'http://localhost:4848/management/domain/resources/ping-connection-pool.json'; attrs = '{id=FunkPool}'
Note however, that when I ping the database funkOneDB from my IDE NetBeans via jdbc:mysql://localhost:33066/funkOneDB, it's succesful. As already mentioned, the credentials and other data I use for this IDE-based ping are the same data I use in the JDBC Connection Pool.
I searched for the problem also on stackoverflow for some. And I did find some people talking about it, like
Glassfisch MySQL ping ERROR (no answer by anybody), or
Struggling to create MySQL Connection Pool on Glassfish (tried that solution, i.e. putting the SQL driver one level up in ..\GlassFish3\GlassFish\domains\domain1\lib\, but this creates other errors, even after restarting the Glassfish server), or
GlassFish not loading connector
(even tried this solution, no succes).
Can somebody help me solve this problem? Many thanks in advance!
With kind regards,
Heinz
Place the mysql driver in the lib folder of your project. Then do a clean-and-build. It's also helpful to have netbeans communicate directly with your database. This will allow you to view the database structure and the contents of your database right from your IDE. For help integrating MySQL with netbeans, look here: netbeans.org/kb/docs/ide/mysql.html
My friend, i had this same exception:
RestResponse.getResponse() gives FAILURE. endpoint = 'http://localhost:4848/management/domain/resources/ping-connection-pool.json'; attrs = '{id=FunkPool}'
The cause of my error was that, i put wrong credentials. Check your credentials in your client DB App (SQL Developer, for example).
I had the same problem with SQL server and Netbeans. To resolve it, i put the sqljdbc.jar in the java direcory "Java\jdk1.8.0_121\lib directory" and it works :)
I've just spebnt 10 hours on this bug.

Database connection encryption and integrity with ColdFusion and Oracle thin client

As ColdFusion datasource we are using the Oracle thin client to connect with the database. So, basically we are using a JDBC URL such as jdbc:oracle:thin:#... and as Driver Class oracle.jdbc.OracleDriver
This works successfully however we would like to set encryption and integrity parameters as well. In Java this is done similarly by setting a Properties object prior to getting a connection as follows:
Properties prop = new Properties();
prop.put("oracle.net.encryption_client", "REQUIRED");
prop.put("oracle.net.encryption_types_client", "( DES40 )");
prop.put("oracle.net.crypto_checksum_client", "REQUESTED");
prop.put("oracle.net.crypto_checksum_types_client", "( MD5 )");
...
OracleDataSource ods = new OracleDataSource();
ods.setProperties(prop);
ods.setURL("jdbc:oracle:thin:#localhost:1521:main");
Connection conn = ods.getConnection();
...
Is there a way that I can pass these parameters to the ColdFusion datasource. Ideally, I would love to do this centrally in such way that a change to all the cfquery or cfstoredproc is not needed.
I also know that in application servers such as Oracle AS there is an option when creating a datasource which says "Add Properties". In there you can add such properties. So, I was thinking of maybe creating a JNDI DS in the app. server and then magically connecting to it but this may have some impacts on the app.
Besides this I was also thinking of communicating with the CF datasource through the CF admin API (cfide.adminapi.administrator) and also the option of extending the Oracle driver so that when CF connects with it these params are already set.
I would love to have your professional opinion and suggestions on this.
I know this is an old question...
You absolutely can pass connection string properties to ANY ColdFusion datasource.
Once the datasource is open in CF ADMIN, open the Advanced Settings. The first option you can change in the Advanced Settings tab is "Connection String". This would be all the name-value pairs of parameters separated by ampersand (&) to be passed on the connection to the database.
For example:
encryption_client=REQUIRED&encryption_types_client=DES40&crypto_checksum_client=REQUESTED&crypto_checksum_types_client=MD5`
However, the answer to the OP, is that you can pass parameters along on the JDBC URL as well.
For example:
Using the Progress Datadirect driver, your JDBC URL might look like this:
jdbc:datadirect:oracle://server;SID=someSID;encryption_client=REQUIRED;encryption_types_client=DES40;crypto_checksum_client=REQUIRED;crypto_checksum_types_client=MD5
Just remember, that your params are separated by semicolons, not commas.
When defining a datasource, make sure you are using the right KIND of driver... Some features aren't available from the native datasource setup screens, so to use more advanced features, you may need to use OTHER.
All data sources in ColdFusion can be configured with a connection string. I would see if it is possible to pass your properties as part of the connection string.
To change the connection string open the data source in the CF admin and go to 'Advanced Settings'. There is a box there you can fill out.
If you figure that out then the whole process should be transparent those those using the data source.
I hope that helps some.

Categories