I currently have my database credentials saved as ENV Variables. But I want to change that so the database will be a backing service.
Env Variables
SPRING_DATASOURCE_driverClassName: oracle.jdbc.OracleDriver
//sample url to mask mine
SPRING_DATASOURCE_URL: jdbc:oracle:thin:#//spring.guru.csi0i9rgj9ws.us-east-1.rds.amazonaws.com:1521/ORC
SPRING_DATASOURCE_USERNAME: UserAdmin
SPRING_DATASOURCE_PASSWORD: p4ssw0rd
SPRING_DATASOURCE_initialize: false
Script above works and have database connection when running on cloud foundry.
_ _ - _ _ - _ _
Here is the script I input in my command prompt, where I create a service and bound it to my application
cf cups OracleTest -p 'username, password, url'
Example Link1
Example Link2
Once I fill out all the credentials, bind my application to the service, and restage my application. I do not receive any database connection.
My Attempt on CF
//for uri I also tried
jdbc:oracle:thin:#//spring.guru.csi0i9rgj9ws.us-east-1.rds.amazonaws.com:1521/ORC
--Do I need some java configuartions along with this?
I did a quick search. I couldn't find an example where you can set the drivername in the CUPS service. You may try removing it from the CUPS definition.
Here is another way of setting the CUPs service - Pivotal Cloud foundry Access Service from Java App
Give it a try
I removed the unnecessary parameters and used the follow
cf cups OracleDB -p '{"jdbcUrl":"jdbc:oracle:thin:[username]/[password]#//[host]:[port]/[service]"}'
So instead of adding each attribute one by one. I found out that it can accept one of the following.
Oracle
The connector will check for:
uri or uris using the scheme oracle
jdbcUrl field in credentials using the scheme oracle
oracleUri, oracleuri, oracleUrl, or oracleurl fields in credentials
I choose jdbc and added credentials in the url.
Related
I have a default application on tarantool cartridge (cluster).
I want to connect to the cluster's router. I use the command:
tarantoolctl connect admin:_password_#localhost:3301
Where can I find the default password?
In cartridge it is called cluster_cookie. You may find the default one here.
If you've created your project using cartridge-cli tool it would depend on your project name:
...
cluster_cookie = '${project_name_lower}-cluster-cookie'
...
And you can manipulate its value from cartridge-cli config
Also, there is an example for ansible-cartridge role config.
I can not connect to Google Services from client application if it is trying to communicate with oauth2.googleapis.com (which is probably blocked in my corporate network - I dont know how to test it for sure).
I tried BigQuery with JDBC driver in Dbeaver. With basic settings.
User-based login does this:
It generates link for OAUTH. I open the browser and login with the right google account. Then I insert generated code into the Dbeaver and I recieve that AUTH has failed.
Service-based login does this:
It does not want me to visit any webpage. It just tells me:
[Simba][BigQueryJDBCDriver](100004) HttpTransport IO error : oauth2.googleapis.com.
I also tried to use ODBC, where PROXY can be filled in. But no luck.
When I take a look into 'Proxy Options' the proxy port is always rewritten by proxy host. Weird.
This is what happens when i click on 'catalog' or 'dataset' drop-down field. I cant do any further steps.
BUT!
When I set my HTTP PROXY in GCLOUD CLI APP then communication works. And I can call BQ from it.
Does it mean that GCLOUD communicates through HTTP Proxy and DBeaver or ODBC does not? Or does it mean that GCLOUD does not need oauth2.googleapis.com but ODBC and JDBC do and it is blacklisted? I am confused.
We need to migrate from our internal environment to GCP. We would love to use various applications. I would ask for whitelisting oauth2.googleapis.com but i am not sure this is the only problem as GCLOUD app works without any flaws.
I am not-experienced with networking so i am more than happy to update / correct this question or add any info (if you need) to help me understand this issue. Thank you
According to your description, your corporate network is using a Proxy to reach out Internet, this is the reason why gcloud is capable to reach out BigQuery service when Proxy settings are configured in your system; through Cloud SDK Proxy settings or HTTP PROXY environment variable.
You require to setup the proxy settings within the JDBC connection string as described in Simba JDBC driver documentation, e.g.:
jdbc:bigquery:DataSetId=MyDataSetId;ProjectId=MyProjectId;OAuthType=1;ProxyHost=MyProxyHost;ProxyPort=MyProxyPort;ProxyUID=MyProxyUsername;ProxyPWD=MyProxyPassword
This connection string will indicate the Proxy settings to Simba JDBC driver.
I have an existing Datastax Cassandra setup that is working. We just added authentication to the system and now we can log in with our AD accounts. This is very nice and certainly works. However applications need to use a hard-coded username/password in order to connect.
In SQL Server we were able to setup a user to run the service as and then it would connect and work through AD. However in Cassandra it is not the same.
If I don't want to include usernames and especially passwords in my app.config files what are my options?
You can use authentication via LDAP with DSE (Datastax Enterprise), so the authentication stage is done with LDAP instead of the internal authentication in DSE which you're using at the moment. Note that my comments here apply to DSE5.0 onwards but you can use LDAP auth with earlier versions of DSE from 4.6 onwards.
The documentation (link below) covers this. The basic steps are as follows:
Configure your authenticator in the cassandra.yaml to use the DSE authenticator
authenticator: com.datastax.bdp.cassandra.auth.DseAuthenticator
Create an internal role in cassandra to map to the LDAP group(s) in your LDAP server using the CREATE ROLE command
Ensure all the users you need to use map to the relevant LDAP group (part of your LDAP config)
Configure your dse.yaml to have the correct settings for your LDAP server
Restart the DSE process for the settings to take effect
The following documentation gives some good examples and background information:
https://docs.datastax.com/en/latest-dse/datastax_enterprise/unifiedAuth/unifiedAuthConfig.html
https://docs.datastax.com/en/latest-dse/datastax_enterprise/sec/authLdapConfig.html
Note: when configuring the dse.yaml note the comment in the docs regarding user_search_filter:
When using Active Directory set the filter to (sAMAccountName={0})
I have a database that I can connect to using jdbc using the string "jdbc:oracle:thin#ldap://SERVER_NAME:1234/SERVICE,cn=OracleContext,dc-world".
However, when I use node-oracledb, this connection string does not work, presumably because Node doesn't use jdbc. What connection string could I use to connect to the database?
There is no "Easy Connect" syntax available for LDAP so you will need
to configure ldap.ora and sqlnet.ora files and use a non-Easy Connect
string alias in node-oracledb (or in other tools like SQL*Plus, PHP OCI8, Python cx_Oracle, Golang godror etc).
I'm told (!) the steps are:
Invoke netca -> Directory Usage
Configure naming to use LDAP by netca->Naming Methods Configuration. This sets up sqlnet.ora for name lookup.
run netmgr to setup the entry in ldap or Enterprise Manager to setup ldap.
Copy those files to a subdirectory on the machine where you run Node.js, and set TNS_ADMIN to the directory containing the files. With Instant Client you can put it in the network\admin subdirectory under the Instant Client libraries. See the manaul entry Optional Oracle Net Configuration
Set node-oracledb's connectString to the connect alias configured in 3, e.g. "orcl"
In order to get an ldap connection to work, I had to do the following:
In the network/admin folder of the oracle client add (These were provided by my db admin, but there are examples here:):
LDAP.ORA
sqlnet.ora
And then the connectString is just the service name and nothing else. So, using the original example jdbc:oracle:thin#ldap://SERVER_NAME:1234/SERVICE,cn=OracleContext,dc-world the connectString would just be SERVICE
I am trying to start an application in Websphere 8, and keep on getting the following error.
From the message, it means we are missing the bindPassword, but we never have to define in WAS 6.1
Currently we are using Standalone LDAP registry. Does anyone have any idea where I should start looking to fix this error?
UserManagemen E com.ibm.ws.wim.management.UserManagementProcess handleNo
tification CWWIM6004E Initialization of the dynamic reload manager failed.
com.ibm.websphere.wim.exception.MissingInitPropertyException: CWWIM0004E The initialization property 'bindPassword' is missing from the configuration.
at com.ibm.ws.wim.adapter.ldap.LdapConnection.initializeEnvironmentProperties(LdapConnection.java:194
7)
at com.ibm.ws.wim.adapter.ldap.LdapConnection.initializeServers(LdapConnection.java:1904)
at com.ibm.ws.wim.adapter.ldap.LdapConnection.initialize(LdapConnection.java:1832)
at com.ibm.ws.wim.adapter.ldap.LdapAdapter.initialize(LdapAdapter.java:235)
at com.ibm.ws.wim.RepositoryManager.initialize(RepositoryManager.java:610)
at com.ibm.ws.wim.RepositoryManager.<init>(RepositoryManager.java:131)
In regards to ".... never have to define in WAS 6.1"
The requirement for a LDAP bind password is enforced by the LDAP server, this is not a WAS requirement
If in fact you didn't define it in WAS v6.1, the LDAP server in use for WAS V6.1 didn't require it.
Based on the error, you've either changed LDAP servers or the LDAP server configuration has changed (or both)
As mentioned in the other post, you can troubleshoot this using a tool like ldapsearch
The technote at http://www-01.ibm.com/support/docview.wss?uid=swg21470063 discusses obtaining "must gather" and troubleshooting these types of issues (refer to the "collecting data manually" section)
You must check your ldap connection to the ldap server
User IBM WebSphere Console, Security settings, LDAP and take note about the LDAP connection settings.
Use a tool like ldapsearch in order to check the connection via shell command line.
It is possible that these bind password is not correct.
If you are using un Novell eDirectory Server you must take special attention in the bind user creation ( field password )