I am setting up multiple datasources on WS 7 for JNDI access.
After clicking one of the datasources -> Connection Pool Properties -> Connection Pool Custom Properties, I gave two properties:
Property1 Name: user
value: someuser
Property2 Name: password
value: somepassword
And after save the configuration and get back to that data source, I hit the Test connection button so it give me a nice exception:
java.sql.SQLException: ORA-01017: invalid username/password; logon denied DSRA0010E: SQL State = 72000, Error Code = 1,017
And I do see that exception from JVM log as well. The issue remains even get the server restarted?
What's going wrong then?
Update 1
Forget to mention that I have set JAAS authentication to none but still get the exceptions..
You may try using an 'J2C authentication alias' to define your username/password pair instead of custom properties. You may see the link for J2C Authentication Alias definitions at right hand side of datasource definition screen. After you define you username/password pair as an authentication alias, you shall select that alias for your datasource form the list of aliases.
For reference you may check Configuring a data source using the administrative console (item 10) at infocenter.
Related
Am using WebSphere 9.0.5.10 and trying to connect DB2 database over SSL port.
I tried to retrieve the certificate from DB2 database by using the below procedure.
Import the database server certificate.
1.Open the WebSphere Application Server administrative console.
Security > SSL certificate and key management > Key stores and certificates > {NodeDefKeystore}
Signer certificates > Retrieve from port.
Clicked Retrieve from port.
Enter the host name and security port of the database server.
Type an alias name for the certificate.
Click Retrieve signer information.
Click OK to save the configuration.
2.Configure the data source to support SSL connections.
Select Resources > JDBC > Data sources.
Select WebSphere Commerce database DataSource demo in the data source list, where database can be either DB2 or Oracle.
Update the port number in the Common and required data source properties section. Enter the value of the security port that you set in the database server.
Clicked Apply.
In the Additional Properties section, select Custom properties.
Clicked New
Enter sslConnection in the Name field, and enter true in the Value field.
Click OK to save the configurations.
Post service restart, tried to check the database connection and got below error.
Someone please help to resolve the issue.
Error: The test connection operation failed for data source on server nodeagent at node with the following exception: java.sql.SQLException: [jcc][t4][2030][11211][4.29.24] A communication error occurred during operations on the connection's underlying socket, socket input stream, or socket output stream. Error location: Reply.fill() - socketInputStream.read (-1). Message: com.ibm.jsse2.util.h: PKIX path building failed: java.security.cert.CertPathBuilderException: unable to find valid certification path to requested target. ERRORCODE=-4499, SQLSTATE=08001 DSRA0010E: SQL State = 08001, Error Code = -4,499. View JVM logs for further details.
The Test Connection function makes a best attempt at connecting, but some security requirements are not supported by this, since Test Connection is not an equivalent application.
Test Connection does not have the same quality of function available as an application, hence, an application in this case is the best method to test any database connections.
Another document that is well worth checking is:
WebSphere Application Server Data Source driver connection over SSL with Database server
https://community.ibm.com/community/user/wasdevops/blogs/ajit-jariwala/2021/10/06/websphere-application-server-data-source-driver-c
Otherwise it's more of a DB2 JDBC Driver issue with the error -4499
Perhaps, also test the very latest JDBC Driver 4.32.28
https://www.ibm.com/support/pages/db2-jdbc-driver-versions-and-downloads
Hope it helps!
Dave
I'm looking for some help in figuring out the correct syntax to connect to Oracle from ADF using a proxy user authentication.
The setup is:
An integration runtime has been setup to connect to an on-premise Oracle instance
The connection type is on Oracle Service Name
User name and Password are provided.
When simply using the user name / password combination the connection can be established, and the tables in the (proxy) user schema can be viewed.
However, these are not the correct tables as the setup in the Oracle instance is using connect through / proxy user authentication. Usually, the syntax for login is username[schema-you-want-to-work-with] for this but this does not work in Azure Data Factory for me.
I have tried various syntax attempts in the connection JSON, using additional connection properties but not luck. The error message, when logging in with the proxy user authentication, is always
ERROR [28000] [Microsoft][ODBC Oracle Wire Protocol driver][Oracle]ORA-01017: invalid username/password; logon denied ERROR [28000] [Microsoft][ODBC Oracle Wire Protocol driver][Oracle]ORA-01017: invalid username/password; logon denied Activity ID: da224af9-16ad-4674-a4c9-4811be8f726c.
Logging in with SQL Plus or SQL Developer works with the same connection string.
Does anyone have an idea how I can log in with the proxy user and see the normal schema content? I'm thinking it may just be a syntax issue but I'm out of ideas.
Basic successful connection
Unsuccessful connection with connect through
I am not able to setup user registry in RTC's JTS setup.
I selected "non-LDAP external registry" option and tried by giving users as "JAdmin", "Administrator", etc.
On click of next it is giving me error message
TypeError: 'this.currentForm.statusMsgHandler' is null or not an object
and Warning:
You need to be authenticated as a user from LDAP to
import your user and assign licenses.
Ensure the application container settings are configured correctly
for LDAP, restart the server, and log in with a user from the LDAP
directory to continue.
I think even if I am selecting "non-LDAP external registry" it is considering "LDAP" option and trying to connect to LDAP (According to log)
javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr:
DSID-0C0906E8, comment: In order to perform this operation
a successful bind must be completed on the connection., data 0, v1db1 ];
Remaining name: 'ou=people,dc=jazz,dc=net'
Please help out to get over it!
I configured RTC using OpenDJ LDAP.
In WebSphere 6.1 I have created a datasource to an Oracle 11g instance using the thin JDBC client.
In Oracle I have two users, one existing and another newly created.
My websphere datasource is OK if I use the component-managed authentication alias of the existing user, but fails with "invalid user/password" message if I use the alias of the new user. The error message is:
The test connection operation failed for data source MyDB (Non-XA) on
server nodeagent at node MY_node with the following exception:
java.sql.SQLException: ORA-01017: invalid username/password;
logon denied DSRA0010E: SQL State = 72000, Error Code = 1,017.
View JVM logs for further details.
There is nothing in the JVM logs. I have grepped all websphere logs and they do not mention my connection at all.
I can confirm that the username and password are correct by logging in via SQLPlus or (to prove the JDBC connection is OK) via SQuirreL.
I have checked in Oracle that the new user has all the system privs that the existing user has.
Any thoughts on what is going on or how I can debug this further?
Just FYI. I am guessing you are running WebSphere in Network Deployment mode.
This behavior you're experiencing is actually by design.
The reason for it is that the "Test Connection" button you see on the admin console, invokes the JDBC connection test from within the process of the Node Agent. There is no way for the J2C Alias information to propagate to the Node Agent without restarting it; some configuration objects take effect in WebSphere as soon as you save the configuration to the master repository, and some only take effect on a restart. J2C aliases take effect on restarts.
In a Network Deployment topology, you may have any number of server instances controlled by the same Node Agent. You may restart your server instances as you'd like, but unless you restart the Node Agent itself, the "test connection" button will never work.
It's a known WebSphere limitation... Which also exists on version 7.0, so don't be surprised when you test it during your next migration. :-)
If this happens to anyone else, I restarted WebSphere and all my problems went away. It's a true hallmark of quality software.
Oftentimes when people tell me they can't log into Oracle 11g with the correct password, I know they've been caught out by passwords becoming case-sensitive between 10g and 11g.
Try this :
data source definition
security
use the j2c alias both autentication managed by component and autentication managed by container
IBM WAS 8.5.5 Knowledge Center - Managing Java 2 Connector Architecture authentication data entries for JAAS
If you create or update a data source that points to a newly created J2C authentication data alias, the test connection fails to connect until you restart the deployment manager.
After you restart the deployment manager, the J2C authentication data is reflected in the runtime configuration. Any changes to the J2C authentication data fields require a deployment manager restart for the changes to take effect.
The node agent must also be restarted.
I have point my data source to componenet-manage authentication as well as container-managed authentication.Its working fine now........
I have a standalone application that needs to connect to a Sybase database via a datasource, I'm trying to connect using getConnection() and get the connection from this Sybase datasource which is hosted in WAS 6.1, sadly I'm getting an error JZ004 -> Sybase(R) jConnect for JDBC(TM) Programmer's Reference: SQL Exception and Warning Messages
JZ004 error message is:
User name property missing in DriverManager.getConnection(..., Properties)
Action: Provide the required user property.
As you can see, this is not a connectivity (so we can discard JNDI or lookup problems), but rather a configuration problem. For my Sybase datasource in WAS 6.1 I have set up the proper authentication alias (Component-managed Authentication Alias), and I know the credentials are alright, "Test Connection" is successful for this datasource. Somebody had a similar problem and was because of the authentication alias-> http://forum.springsource.org/showthread.php?t=39915
Next, I tried calling getConnection() but now I provided the credentials like getConnection(user, password)... and this time it worked!!! So I suspect that somehow WAS 6.1 is not picking or taking the authentication info I set in the datasource as mentioned before.
If you think that maybe getConnection(user, password) should be OK for my case, well, that's not the case since I have a requirement to keep the credentials in the server, the standalone application only needs to know the JNDI information to lookup the datasource.
Please let me know if have faced a similar problem, or what would you suggest me to do.
Thanks.
In order to use the configured resource, you need to look it up rather than using DriverManager directly:
new InitialContext().lookup("myDS");
In another thread -> Call to DataSource.getConnection not returning the expected connection, I got an answer that also solved this issue, basically the answer is that an authentication alias won't work for external clients according to the J2C documentation. The workaround is to provide the user and password as custom properties instead of being provided as an authentication alias.