I use DBeaver (windows) to connect to different hive servers (Kerberos Auth)
Connection 1 is
jdbc:hive2://<server_address_1_ip>:<port>/main;AuthMech=1;KrbRealm=some.realm.com;KrbHostFQDN=<server_address_1_ip>;KrbServiceName=hive;KrbAuthType=2;SocketTimeout=0;useTicketCache=true;ticketCache=C:\Users\<my_username>\krb5cc_<tech_user_1>;renewTGT=true;doNotPrompt=true;principal=<tech_user_1>#some.realm.com
Connection 2 is
jdbc:hive2://<server_address_2_ip>:<port>/main;AuthMech=1;KrbRealm=some.realm.com;KrbHostFQDN=<server_address_2_ip>;KrbServiceName=hive;KrbAuthType=2;SocketTimeout=0;useTicketCache=true;ticketCache=C:\Users\<my_username>\krb5cc_<tech_user_2>;renewTGT=true;doNotPrompt=true;principal=<tech_user_2>#some.realm.com
I want to connect to this servers at same time and don't matter how it will be (using "ticketСache" or "keytab" for example)
Now, in order to connect, I need to initialize the ticket (kinit <tech_user_1>/<tech_user_2>), restart the application, but only one of the two connections will be used.
When I don't have valid ticket, DBeaver show error: "Unable to obtain Principal Name for authentication". I think DBeaver ignore some parameters from jdbc connection url.
When I use driver provided by cloudera I see krbJAASFile option in DriverSetting page of DBeaver. You can try the same. My jaas conf looks like below:
Client {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
keyTab="/Users/raid/hive_jdbc_logs/raid.keytab"
principal="raid#some.realm.COM"
doNotPrompt=true;
};
And url format is:
jdbc:hive2://<server_address_fqdn>:<port>;AuthMech=1;KrbHostFQDN=<server_address_fqdn>;KrbRealm=some.realm.COM;KrbServiceName=hive
Related
I'm trying to install Informatica 10.1 on OCI and thereby connecting it to ADW for the INFA users access.
I've successfully established connectivity with ADW through sqlplus using the wallet keys. However, during the Informatica installation I'm not able to connect to the ADW database. Below is an excerpt of the connection that is being tried by the installer.
Configure the database for the domain configuration repository:
Database type:
* 1->Oracle
2->SQLServer
3->DB2
4->Sybase
(Default: 1):
Database user ID: (default :- dbadmin) :
User password: (default :- ) :
Configure the database connection
1->JDBC URL
* 2->Custom JDBC Connection String
(Default: 2):
I'm wary on the custom JDBC Connection String that is being asked. Usually the default string is something like this:
jdbc:informatica:oracle://somestringfromtnsnames.oraclecloud.com:1521;ServiceName=somestringfromtnsnames.adb.oraclecloud.com
But in this case I'm connecting to ADW via wallet & ideally the wallet information should be provided. I just am not sure how. I've prepared a string in accordance to the same which I thought was correct, but it doesn't work.
jdbc:informatica:oracle:#tnsnamesalias?TNS_ADMIN=/path/to/my/wallet/store
Has anyone got any idea on this? Any pointers would be helpful.
From what I understand, the DataDirect JDBC drivers used by Informatica do not support Oracle's encryption, which is required to access ADW. It appears that you can use Oracle Client on an existing Informatica installation to add ADW as a target, but not using JDBC or ODBC. There appear to be limitations to this in terms of metadata access, and some import steps will need to be completed manually.
In spite of what it implies in "Autonomous Database 3rd Party Tools and Applications" for Informatica, the only way to complete a new installation - according to the steps in Appendix A of the doc - is to first disable the SQL*Net encryption. This requires a level of access to the Oracle configuration files and processes that does not exist for Autonomous Database services (i.e. access to sqlnet.ora and lsnrctl). It only exists if you are running your own VM host (Infrastructure as a Service) with a stand-alone installation of Oracle Database that you fully control.
Looking for example using JDBC on DB2 database using Windows authentication, preferably with db2jcc4.jar driver. Seems like a common enough scenario, but I'm having a hard time finding an example.
Your original question was too vague until you clarified it with a comment asking how to connect to local Db2-databases via jdbc without a userid/password. So your real question appears to be "how do I achieve passwordless authentication to local Db2-databases on MS-Windows?", which may be a FAQ.
Db2-server delegates authentication to the underlying operating-system services on which the Db2-server is running. Keep in mind that Db2-server runs on a few quite-distinct operating systems, only one of which is MS-Windows.
Yes you can connect via-JDBC to a local Db2-database on MS-Windows without specifying a userid/password, using the IBM-supplied jdbc driver.
You can also connect to a local Db2-database on MS-Windows via CLI/ODBC and command-line without specifying a userid/password. When no userid/password is specified then the authentication-ID is that of the currently running session (either the logged on identify, or the runas identity).
If you have a local Db2-server with a local database running on MS-Windows, then all necessary software is already installed (if using defaults) to achieve the above.
It is important to understand that if the Db2-database is remote from the client then the authentication will need some form of credentials. Such credentials may be in the form of a certificate (if the Db2-database lives on Z/OS), or in the form of a userid/password, or in the form of a kerberos ticket, or in the form of a token used for cloud-based Db2 etc.
For a passwordless local jdbc connection to a Db2-database , you can use the URL format "jdbc:db2:your_database_name" .
The class com.ibm.db2.jcc.DB2Driver (as supplied in currently supported versions of db2jcc4.jar) supports passwordless connections with that URL pattern.
Example with local database-name = sample.
try
{
Connection con = DriverManager.getConnection("jdbc:db2:sample");
...
}
catch (Exception e)
{
...
}
The Db2 Knowledge-Centre gives all the details of the available jdbc properties
here
https://www.ibm.com/support/knowledgecenter/SSEPGG_11.5.0/com.ibm.db2.luw.apdv.java.doc/src/tpc/imjcc_r0052038.html
Other pages show additional properties that are specific to Z/OS data-sources, or cloud-databases, or i-series data sources, or informix sources etc.
I am trying to get an Other Databases (JDBC) connection from Tableau to SAS using SAS' integrated object model (sasiom jdbc) but running into this error:
Error:
Bad Connection: Tableau could not connect to the data source.
Trying to connect an http1.x server
Generic JDBC connection error
Trying to connect an http1.x server
Configuration Details
I believe my configuration is somewhat correct so far but I think that Tableau is not identifying the correct driver class to use when making a JDBC connection to SAS.
At a high level here is what a JDBC connection to SAS looks like:
JDBC Connection String: jdbc:sasiom://companyserver.company.com:port
Driver class name: com.sas.rio.MVADriver
Driver jar files location for Tableau to access: C:\Program Files\Tableau\Drivers
In this extract below from the Tableau Desktop logs it looks like 'dialect' and 'class' being used are genericjdbc which I think I want the class to be com.sas.rio.MVADriver to use the classname for sasiom but I'm not certain
{"attributes":{":protocol-customizations":"","class":"genericjdbc","dbname":"","dialect":"genericjdbc","jdbcproperties":"","jdbcurl":"jdbc:sasiom://companyserver.company.com:8591","password":"***","schema":"","username":"username","warehouse":""},"closed-protocols-count":"0","connection-limit":"16","group-id":"3","in-construction-count":"0","protocols-count":"0","this":"0x0000018511611140"}}
Properties file attempted without success
I've tried to add a properties file to force the class to be com.sas.rio.MVADriver in the hopes that I get a connection successful or at least a different error if anything else needs to change but no luck with a properties file.
Please provide some help or direction if anyone has successfully created a custom JDBC connection in Tableau and how you got it working? What configuration steps am I missing?
Is there a way to verify that Tableau is using the correct driver class for the jdbc connection? I have not seen the correct class of com.sas.rio.MVADriver referenced at all in the Tableau logs
The answer to this question is a Type 4.0 JDBC Driver is needed to automatically register the driver class name with the JDBC driver manager. The public SAS .jar files contain a Type 2.0 JDBC Driver which requires a manual JDBC driver class specification, which Tableau does not allow to my knowledge. It appears this is not possible currently.
I have an Oracle connection using com.oracle:ojdbc14:10.2.0.2.0 and the URL jdbc:oracle:thin:#fooe2.company.intern:1529:odse but would like to leave away the hostname and port as it may change over time. Using sqlplus I can just say "odse" and it will look the name up via /etc/ldap.ora. I know that there is a syntax where I can specify the ldap server names in the JDBC URL but I don't want that either as it may change as well.
Is it possible to have JDBC make use of the existing /etc/ldap.ora configuration and just specify the SID?
I'm able to use Oracle SQLDeveloper to make a connection to an Oracle database. I'm using "basic" as connection type and I can access database successfully. The problem is that basic authentication is the only way to access that database at the moment (there is some misconfigururation but this is another problem and can not be solved by myself).
To work around this I want to use basic authentication with JDBC. Is this possible? Can someone give me an example? I found only examples with thin or oci configuration. Both are not working for me.
Thank you very much!
From the help in SQL Developer:
Advanced connection type
Custom JDBC URL: URL for connecting directly from Java to the
database; overrides any other connection type specification. If you
are using TNS or a naming service with the OCI driver, you must
specify this information: Example:
jdbc:oracle:thin:scott/#localhost:1521:orcl
Note that in this example, the "/" is required, and the user will be
prompted to enter the password. I actually wasn't prompted for p/s see notes below
To use a custom JDBC URL, the system on which SQL Developer is running
must have an Oracle Client installation that contains the JDBC and
orai18n libraries, is present on the path, and is version 10.2 or
later.
So all you need to do is select the "Advanced" connection Type, then input the below line (changed to your settings)
jdbc:oracle:thin:USER/#HOST:PORT:SID
but it will also work (and use the Username/Password already inputted) if you omit the "User/" as such
jdbc:oracle:thin:#HOST:PORT:SID
It seems to use the password that is already in the "Password" box in the Database Connection.
If this does not work for you, post how it does not work. I tried the connections from "Basic", TNSNames, and Advanced (using the THIN client) without incident- take note of the using a custom JDBC URL, but I would have to ask why if that is the intent?
hth
There was no mistake in configuration. But there was a problem with the cluster (cluster switched to the other node). I can't understand this behaviour and I can't reproduce it anymore, but it's working again now. Thanks for your help!