I have an oracle database where I'm using proxy authentication and windows authentication. This allows me to authenticate the user against AD servers and yet allows pooled connections.
I understand that I can use the oracle data provider for dot net. However, I would prefer to use an orm such as nHibernate. Is it possible to use the nHibernate and use oracle proxy authentication?
All nhibernate needs to know is how to create a connection to your oracle databae right? This is all done by the connection string where you pass in the proxy user's name/pw or you could use Integrated Security in Oracle 8i release 3 or later.
This means this has nothing to do with nhibernate I would say. So yes, it should work.
Related
I'm looking for a possibility to encrypt the connection to our Oracle database. I did find this post below:
How to encrypt FireDAC connection to use TLS/SSL in Delphi?
The only answer I see there is that we have to buy ($3000/developer, wow) and use a CData component.
Is FireDAC ready for using network encryption with an Oracle DB? If so, how do I configure that?
Don’t know about FireDac secure connection, but we use third-party components for this. First of all – it’s not a good idea to leave Oracle DB open from anywhere on the internet, try to change your application architecture to use (for example) REST-API from the internet and secure vpn or closed part of the network between REST-Server and Oracle. If it’s not possible or the client is in “paranoid mode” then you can use Devart ODAC and Devart SecureBridge. This allows you to connect to Oracle securely. It's not free, but it's not $3,000 for a developer either. Here is a documentation how to use it: https://docs.devart.com/odac/ssl.htm
We have a large SSIS solution with many connection managers pointing to Oracle. Provider is ODBC, data sources are set to defined system DSNs. So far we use user names and passwords and everything works fine. Now we want to switch to Kerberos authentication.
I can already successfully query the Oracle database using sqlplus with Windows authentication.
I'm having hard time achieving the same from SSIS using ODBC connection managers.
Is it possible to reconfigure the ODBC connection managers so they will use Windows authentication? How should be the connection manager configured?
The question is specifically about ODBC, please avoid answers like "use Attunity".
We use MS SQL Server 2016 Enterprise edition, Oracle 12.2.
I finally made it working, hope it helps someone.
I created a new DSN
as User ID I put [OracleUserName]
beware the square brackets! Those are necessary
the OracleUserName is user name configured on Oracle side (I do not know much about Oracle). The DBA configured the AD account to be able to login as this user.
I am wondering about the following:
A JDBC driver authenticating a user to a remote Oracle RDBMS using OpenID authentication.
In this instance the Oracle RDBMS will NOT see the user's password.
Is it possible to setup Oracle RDBMS to be an OpenID Relying Party? If so, what versions can be setup this way?
Is there a JDBC driver that can act as a User Agent that can handle the HTTP(S) redirections and such inherent in OpenID authentication?
Thanks.
Ha a look at Oracle Identity Federation.
Is it possible to use LDAP authentication with Liquibase?
If not, how have others solved the problem of automating changes to production database schemas using Liquibase (yet still keeping the database credentials secure)?
LDAP is used for server-side authentication. Not all databases support it, for example MySQL only supports it in it's Enterprise version.
Securing the credentials, used by clients like liquibase, falls into two categories:
Protecting data in transit
Protecting credentials at rest
To protect credentials in transit, I'd recommend using a JDBC driver which supports SSL. Some JDBC drivers support this feature, for example MySQL. Another approach is to tunnel the JDBC traffic over a SSH tunnel.
Protecting credentials at rest (in configuration files) is more difficult and depends on how you plan to invoke liquibase. If you're using ANT, I'd suggest using the answer to this question on how to read encrypted property files.
I'm developing Java apps on Tomcat 5.5 using JNDI to connect to shared dbcp connection pools with JDBC 3.0 drivers and DB2 8 on zOS and also DB2 9 on LUW. In my app, I use org.springframework.jndi.JndiObjectFactoryBean to get the dataSource and feed it into an org.springframework.jdbc.core.simple.SimpleJdbcTemplate to run the queries. This has been a fairly good solution so far, but our DBAs are requesting that we provide better granularity for auditing SQL performance. Currently, all portlets and apps use the same connection pool to connect to the database and the only way to distinguish between apps is to match the SQL run with the SQL in each app. We don't want to create seperate pools for each app. DB2 provides several methods on their DB2Connection from the driver that allow us to set audit information.
setDB2ClientApplicationInformation
setDB2ClientUser
setDB2ClientWorkstation
setDB2ClientAccountingInformation
My question is... what's the best way to set these values on a connection from a connection pool. Do I need to access the underlying connection in order to set these values? Should I clear them before returning the connection to the pool? Does anyone have code examples?