stackoom
  简体   繁体   中英

JDBC, Tomcat, context.xml and Oracle native encryption

 原文  2018-04-18 13:18:08       java/ oracle/ jdbc/ oracle12c

Question

I can add specific connection properties (for connection pooling, etc.) with JDBC/thin connections from Java to Oracle by using 

props.put("connectionPoolName", "ConnPool");
props.put("description", "UCP JNDI Connection Pool");
props.put("factory", "oracle.ucp.jdbc.PoolDataSourceImpl");
props.put("inactiveConnectionTimeout", "5");
props.put("user", "scott");
[...]

I can also use a context.xml for these settings, like: 

description="UCP JNDI Connection Pool" 
connectionFactoryClassName="oracle.jdbc.pool.OracleDataSource" 
factory="oracle.ucp.jdbc.PoolDataSourceImpl" 
inactiveConnectionTimeout="5"
user="scott"

So I tried setting Oracle 12 native encryption parameters in context.xml in countless ways, for example: 

connectionProperties="oracle.net.encryption_client=(REQUIRED);oracle.net.encryption_types_client=(AES256);oracle.net.crypto_checksum_client=(REQUIRED);oracle.net.crypto_checksum_types_client=(SHA1)"

or 

connectionProperties="oracle.net.encryption_client=REQUIRED"
connectionProperties="oracle.net.encryption_types_client=AES256"
connectionProperties="oracle.net.crypto_checksum_client=REQUIRED"
connectionProperties="oracle.net.crypto_checksum_types_client=SHA1"
(Which obviously doesn't work)

or 

SQLNET.ENCRYPTION_CLIENT="REQUIRED"
SQLNET.CRYPTO_CHECKSUM_CLIENT="REQUIRED"
SQLNET.ENCRYPTION_TYPES_CLIENT="AES256"
etc.

...and nothing works. Does anybody know if you can set the client encryption parameters in context.xml? And if yes: how to do so?

The server is configured correctly and the encryption works when using option 1 or sqlplus client, but nothing gets encrypted by using context.xml, but also no errors are logged or anything, it just transfers unencrypted data.

I assume I miss something trivial, or just don't know the correct parameters for context.xml.

1 answers

solution1
 0  2018-04-21 01:01:23

Try using the , as the separator as shown here. Check OracleConnection for the correct name of the connection property. 

 connectionProperties="{javax.net.ssl.trustStore=/home/myuser/cloud/truststore.jks, 
   javax.net.ssl.trustStoreType=JKS, javax.net.ssl.trustStorePassword=welcome1, 
   javax.net.ssl.keyStore=/home/myuser/cloud/keystore.jks, javax.net.ssl.keyStoreType=JKS, 
   javax.net.ssl.keyStorePassword=welcome1, 
   oracle.net.ssl_version=1.2, oracle.net.ssl_server_dn_match=true}"

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to pass encryption related properties from tomcat's context.xml for jdbc connection in java? Problems with JDBC URL in tomcat 9 context.xml for treeAnno Specify Oracle DB/Schema name in tomcat context.xml Understanding context.xml in tomcat 6 Change jdbc.properties with context.xml Description of name=“jdbc/project” in Context.xml? BoneCP in tomcat context.xml throws an exception about being unable to find a jdbc driver Context.xml file missing Tomcat 8 Netbeans issues with tomcat context.xml Java WebApp and tomcat context.xml
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM