SQL 服务器 2019 JKS 文件上的外部脚本执行验证错误
[英]SQL Server 2019 External Script Execution Authentication Error on JKS File
问题描述
I'm attempting to put a POC together that leverages the SQL Server 2019 Extensibility Framework & External Languages feature.
我正在尝试将利用 SQL Server 2019 可扩展性框架和外部语言功能的 POC 放在一起。 This enables execution of external languages in SQL Server Stored procedures.这可以在 SQL 服务器存储过程中执行外部语言。 I've written a JAR file that encrypts and decrypts data being passed via a SQL Server stored procedure.我编写了一个 JAR 文件,该文件加密和解密通过 SQL 服务器存储过程传递的数据。 I've confirmed that the each method is correct, and returns the correct values when not being sent as a stored procedure.我已经确认每个方法都是正确的,并且在不作为存储过程发送时返回正确的值。 However, when executing the stored procedure I receive an empty data set and see the following error in debug mode:但是,在执行存储过程时,我收到一个空数据集,并在调试模式下看到以下错误:
java.io.FileNotFoundException: <jks-file-location> (Access is denied)
The line of Java code throwing the error is below:抛出错误的Java代码行如下:
Key _key = readKeyFromStore_cbs("<jks-file-location>, "<password>".toCharArray(), "entityEncryption", "<password>".toCharArray());
_keySpec = new SecretKeySpec(_key.getEncoded(), _key.getAlgorithm());
Again, the code is fine, I don't think there are issues there, and don't think posting the content of those methods is the issue (the SP itself runs fine with dummy data in the place of data being encrypted and decrypted, and the code with encryption and decryption runs as expected when run on its own).同样,代码很好,我认为那里没有问题,并且不认为发布这些方法的内容是问题(SP 本身运行良好,使用虚拟数据代替数据被加密和解密,并且带有加密和解密的代码在单独运行时按预期运行)。
Additional Info:附加信息:
- I'm running this on a local Windows 10 environment and have given "Everyone" full security permissions on the jks.我在本地 Windows 10 环境中运行它,并已授予“每个人”对 jks 的完全安全权限。
- I've double checked the user running sql server and ensured that user has full permissions on the file as well.我已经仔细检查了运行 sql 服务器的用户,并确保用户也对文件拥有完全权限。 (This user also has admin privileges on SQL Server) (此用户还拥有 SQL 服务器的管理员权限)
- I've checked SQL Server
sp_configureoptions as well.我也检查了 SQL Server sp_configure选项。 - Filestream is enabled and set to full control in sp_configure在 sp_configure 中启用 Filestream 并设置为完全控制
- I've even disabled clr strict security on sp_configure to see if that was the cause.我什至在 sp_configure 上禁用了 clr strict security 以查看这是否是原因。 I still receive the same error.我仍然收到同样的错误。
- I've attempted tests with JKS in my User directory (with permissions on the directory and file for the SQL Server user), in the C drive, and in the child directory of the C drive (again, with permissions on the directory and file for the SQL Server user)我已经尝试在我的用户目录中使用 JKS 进行测试(具有对 SQL 服务器用户的目录和文件的权限),在 C 驱动器中,以及在 Z0D61F8370CAD1D4D41257 目录和文件的子目录中对于 SQL 服务器用户)
The stored procedure runs, but is returning an empty data set.存储过程运行,但返回一个空数据集。 When attempting run without encryption (using the key from the currently inaccessible keystore) and using dummy data, I receive the expected data set.当尝试不加密运行(使用当前无法访问的密钥库中的密钥)并使用虚拟数据时,我收到了预期的数据集。
Anyone know what might be causing this error?任何人都知道可能导致此错误的原因是什么?
1 个解决方案
解决方案1
0 2020-05-30 20:58:22
UPDATE: Moving the JAR and jks into SQL Server directories and starting the Launchpad service resolved the issue.更新:将 JAR 和 jks 移动到 SQL 服务器目录并启动 Launchpad 服务解决了该问题。 Hope this helps someone avoid similar frustrations.希望这可以帮助某人避免类似的挫败感。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.