Delphi FireDac network encryption with Oracle - oracle

I'm looking for a possibility to encrypt the connection to our Oracle database. I did find this post below:
How to encrypt FireDAC connection to use TLS/SSL in Delphi?
The only answer I see there is that we have to buy ($3000/developer, wow) and use a CData component.
Is FireDAC ready for using network encryption with an Oracle DB? If so, how do I configure that?

Don’t know about FireDac secure connection, but we use third-party components for this. First of all – it’s not a good idea to leave Oracle DB open from anywhere on the internet, try to change your application architecture to use (for example) REST-API from the internet and secure vpn or closed part of the network between REST-Server and Oracle. If it’s not possible or the client is in “paranoid mode” then you can use Devart ODAC and Devart SecureBridge. This allows you to connect to Oracle securely. It's not free, but it's not $3,000 for a developer either. Here is a documentation how to use it: https://docs.devart.com/odac/ssl.htm

Related

Export Database connection to Oracle Developer

I have a database Connection established in odbcad and Microsoft Access (aswell as working in Excel) via ODBC and want to also get it working in Oracle SQL developer.
It is a Windows SQL Server as far as i know and I have tried several Settings, of which None works. I have also installed Driver for ODBC. I would like to Import Settings into SQL developer as applied in MS Access, is there any possibility?
No, SQL Developer is a Java application and uses a JDBC driver.
But if you look at the odbc properties for your connection, those should largely translate to what you need to define a basic connection.
Oracle:
Server name or IP address of the DB, port # for the listener, and the name of the SID or Service, plus a valid username and password is all you need to connect to Oracle.
What error do you get when you try to connect?
Show us what you're trying.
Update:
You're trying to connect to SQL Server but you're getting"
Native SSPI library not loaded
You're trying to use OS Authentication for your connection. For this to work with the jTDS driver, you need to copy a DLL file named ntlmauth.dll (which is for NT authentication) under the jtds-x.x.x-dist\x86\SSO\ or jtds-x.x.x-dist\x64\SSO\, to any directories in the PATH environment.
Please update your question such that's it's clear you're connecting to SQL Server and share the error message so others can find it.
I imagine this question is a duplicate of many previous iterations of the same challenge.

Connect from SSIS to Oracle using ODBC with Kerberos

We have a large SSIS solution with many connection managers pointing to Oracle. Provider is ODBC, data sources are set to defined system DSNs. So far we use user names and passwords and everything works fine. Now we want to switch to Kerberos authentication.
I can already successfully query the Oracle database using sqlplus with Windows authentication.
I'm having hard time achieving the same from SSIS using ODBC connection managers.
Is it possible to reconfigure the ODBC connection managers so they will use Windows authentication? How should be the connection manager configured?
The question is specifically about ODBC, please avoid answers like "use Attunity".
We use MS SQL Server 2016 Enterprise edition, Oracle 12.2.
I finally made it working, hope it helps someone.
I created a new DSN
as User ID I put [OracleUserName]
beware the square brackets! Those are necessary
the OracleUserName is user name configured on Oracle side (I do not know much about Oracle). The DBA configured the AD account to be able to login as this user.

Is Oracle Instant Client an actual database?

I want to create a small dev database just to use for developing my application. I've downloaded the Oracle Instant client and followed the directions to "install" (ie, copy/paste and set up some environment variables), but I can't find any information on how to connect, login, create database, etc, or even exactly what Instant Client is, specifically. So, a few specific questions:
Is Instant client just a set of drivers and components that allow you to connect to an existing database, or can you use Instant Client to create and administer a completely new database?
If it CAN be used to create a new database:
How do you "start" (or similar concept) the database so that it is ready for connections.
Because there is no installation, and no default configuration, I haven't set up a default schema, port, etc. So, what is the default connection information to connect to the database for the first time?
For example, I use SQL Developer to connect to and administer my remote database, so how could I connect to Instant Client from SQL Developer?
The client is JUST a client.
You'll want to download the Oracle Database installs. The easiest would be the XE (Express Edition) - it's free, and gets going on windows or linux pretty quick.
You'll then install the server software and THEN create a database. Then you can use your client to connect to said database. You can use your client now to connect to any Oracle database running on any server that you can see on your network.
There are more alternatives.
I talk about this in more detail here.

Delphi win32 application to work with Oracle

I have to create win32 client on Delphi, which can work with database on Oracle. The only problem with this task that client have to demand "zero administration".
In other words user downloaded it from our site and ran it without any installing oracle client and tuning tnsnames.ora.
My first aproach was to install apache on server side with connection to Oracle. Our win32 client this case is like web brouser works with Oracle via https.
It works but performance is not so good as expected. Delay in reaction between clent and server side is too long.
Is there any way to acheve my goal (zero adminstration client with good enough performance)?
The product ODAC (Oracle Data Access Components) from DevArt has a "no oracle client needed" mode. This would probably be the easiest solution. You could also just include the Oracle Instant Client with your product and use Oracle's "EZConnect" syntax so that you don't have to configure anything on the client. Using EZConnect allows you to connect to an Oracle Database without using a TNSNames.ora file.

How to sniff Oracle's credentials from a connection attempt to the database?

I have a legacy application, which connects to the configured Oracle database.
It seems it has some logic that alters the database credentials as it is unable to successfully log in to the Oracle database, while sqlplus started on the same machine is able to log in.
The error I am getting is: [DataDirect][ODBC Oracle Wire Protocol driver][Oracle]ORA-01017: invalid username/password; logon denied
How to find out what is the database username and password that are sent to the database?
What I have tried so far:
Enabled auditing of failed sign-on attempts on Oracle (audit create session whenever not successful). It does not solve the issue, because it only logs the username, which seems to be correct, without the password.
Used a sniffer to eavesdrop the network traffic between the machine running the application and the database, but since Oracle's TNS protocol is encrypted, it did not help a lot.
Started a server using netcat on port X, provided port X in the application configuration file. The application did connect to my server, that is how I know the application is connecting to the correct server. But since the TNS protocol is pretty complex (requires a series of messages to be exchanged between the client and the server) I hope there is a simpler why of achiving what I want without having to reverse engineer Oracle and implementing my own server.
Enabled tracing of the JDBC driver (Trace=1, TraceFile, TraceDll). The trace file shows the correct username, but obviously the password is not getting logged.
My environment:
Database: Oracle 11g
Application runs on: Solaris
Application uses: DataDirect ODBC Oracle Wire Protocol v70
I not sure, but if connection established by ODBC driver (as described in question tags) then you can try ODBC sniffing tools like ODBC Tracing.
Citation:
Password "Sniffing" Using Trace
ODBC provides a means for tracing the conversation taking place between the driver and the host database. Used by developers for testing purposes, the tracing feature is designed to help programmers find out exactly what is going on and to help fix problems. However, tracing (also called "sniffing") can be used by nefarious bad guys to retrieve user passwords.
When tracing is enabled, communications with the host are written to a file. This includes the user ID and password, which are captured in plain text.
Update
SQLPlus connects to Oracle with OCI interface, but DataDirect ODBC driver uses it's own proprietary implementation of communication protocol. So, most probable point of failure is driver misconfiguration or incompatibility.
DataDirect provides some tools for ODBC drivers diagnostics, but only option applicable to case described in question is using snoop utility, which acts like a netcat which already tried.
Because connection failed at credential verification stage, the most probable source of error is using localized symbols for user name or password. There are some issues with Oracle authentication process, listed in DataDirect Knowledge Search (search for ORA-01017).
It seems that DataDirect provides two separate version of driver with and without Unicode support, therefore one of possible points of failure is to connecting with non-Unicode version of driver to Unicode version of database and vice verse.
P.S. For now I don't have any experience with DataDirect ODBC driver. So it's only suggestions about possible source of failure.

Resources