|
From: Stephen M. <ste...@gm...> - 2010-07-22 14:56:14
|
I have been able to successfully connect to Oracle over SSL using squirrel. I did modify the start scrip to include: -Djavax.net.ssl.trustStore=/tmp/cwallet.sso -Djavax.net.ssl.trustStoreType=SSO The limitation is that I can only connect to 1 SSL Oracle at a time. This requires me to have multiple startup scripts. Perhaps some time in the future, squirrel could use multiple truststores simultaneously. -Steve On Wed, Jul 7, 2010 at 3:19 PM, Robert Manning <rob...@gm...> wrote: > Yes that should work as initalize is called just after application startup. > > Rob > > On 7/7/10, Stephen More <ste...@gm...> wrote: >> I can try and use the newer driver, the problem is I also have to find >> osdt_cert.jar and osdt_core.jar - thats the hard part. >> >> Could I simply add >> >> new oracle.security.pki.OraclePKIProvider(); >> >> to initialize of net.sourceforge.squirrel_sql.plugins.oracle and >> rebuild the plugin ? >> >> >> On Wed, Jul 7, 2010 at 11:55 AM, Robert Manning >> <rob...@gm...> wrote: >> > I don't believe our plugin api exposes a callback prior to the >> > session's connection being created. Can you just use the 11.1.0.7 >> > jdbc driver ?( I believe it is compatible with 10g servers) >> > >> > Rob >> > >> > On 7/7/10, Stephen More <ste...@gm...> wrote: >> >> Reading closer in the oracle docs: >> >> >> >> "Unless you are using the 11.1.0.7 (and onwards) JDBC thin driver, >> >> before creating >> >> a new connection, you also need to instantiate OraclePKIProvider so >> >> that the class >> >> gets loaded and initialized: >> >> new oracle.security.pki.OraclePKIProvider();" >> >> >> >> I am using Oracle version 10.2.0.3. >> >> >> >> How can I instantiate OraclePKIProvider in SQuirreL ? Would this >> >> require a custom plugin ? >> >> >> >> >> >> >> >> On Wed, Jul 7, 2010 at 9:55 AM, Stephen More <ste...@gm...> wrote: >> >> > In my test code I have a line: >> >> > java.security.Security.addProvider( new >> >> > oracle.security.pki.OraclePKIProvider() ); >> >> > >> >> > If I comment out this line, I get the same error as squirrel. >> >> > >> >> > I have tried setting this statically by editing >> >> > C:\Program Files\Java\jre6\lib\security\java.security >> >> > and adding >> >> > security.provider.10=oracle.security.pki.OraclePKIProvider >> >> > >> >> > but it does not seem to have any effect. >> >> > >> >> > >> >> > On Wed, Jul 7, 2010 at 9:23 AM, Robert Manning >> >> > <rob...@gm...> wrote: >> >> >> Is Oracle configured properly to do the SSL Handshake ? Can you >> >> >> connect to that port from your client machine ? There are any number >> >> >> of reasons for this exception, which may or may not have to do with >> >> >> SSL configuration. >> >> >> >> >> >> Rob >> >> >> >> >> >> On 7/7/10, Stephen More <ste...@gm...> wrote: >> >> >>> I added those parameters to the startup script. I also verified they >> >> >>> show up in the "About/System tab". >> >> >>> >> >> >>> But I am not able to connect. >> >> >>> >> >> >>> java.sql.SQLException: Io exception: The Network Adapter could not >> >> >>> establish the connection >> >> >>> at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112) >> >> >>> at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:146) >> >> >>> at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:255) >> >> >>> at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:387) >> >> >>> at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:439) >> >> >>> at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:165) >> >> >>> at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:35) >> >> >>> at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:801) >> >> >>> at net.sourceforge.squirrel_sql.fw.sql.SQLDriverManager.getConnection(SQLDriverManager.java:133) >> >> >>> at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand.execute(OpenConnectionCommand.java:97) >> >> >>> at net.sourceforge.squirrel_sql.client.mainframe.action.ConnectToAliasCommand$SheetHandler.run(ConnectToAliasCommand.java:280) >> >> >>> at net.sourceforge.squirrel_sql.fw.util.TaskExecuter.run(TaskExecuter.java:82) >> >> >>> at java.lang.Thread.run(Unknown Source) >> >> >>> >> >> >>> >> >> >>> On Tue, Jul 6, 2010 at 7:20 PM, Robert Manning >> >> >>> <rob...@gm...> wrote: >> >> >>> > Stephen, >> >> >>> > >> >> >>> > You could edit the launch script to add >> >> >>> > >> >> >>> > -Djavax.net.ssl.trustStore=/tmp/cwallet.sso -Djavax.net.ssl.trustStoreType=SSO >> >> >>> > >> >> >>> > to the line that invokes the JVM. Anywhere on the last line with >> >> >>> > JAVACMD, after JAVACMD, but before >> >> >>> > net.sourceforge.squirrel_sql.client.Main. >> >> >>> > >> >> >>> > Rob >> >> >>> > >> >> >>> > On Tue, Jul 6, 2010 at 3:13 PM, Stephen More <ste...@gm...> wrote: >> >> >>> >> Thanks, >> >> >>> >> Any idea how to set javax.net.ssl.trustStore or >> >> >>> >> javax.net.ssl.trustStoreType properties ? >> >> >>> >> >> >> >>> >> On Tue, Jul 6, 2010 at 2:56 PM, Robert Manning >> >> >>> >> <rob...@gm...> wrote: >> >> >>> >>> You can add them in the "Extra Class Path" tab of the Oracle JDBC >> >> >>> >>> driver definition. >> >> >>> >>> >> >> >>> >>> Rob >> >> >>> >>> >> >> >>> >>> On 7/6/10, Stephen More <ste...@gm...> wrote: >> >> >>> >>>> I am trying to use SQuirreL to connect to SSL With Oracle JDBC Thin Driver: >> >> >>> >>>> http://www.oracle.com/technology/tech/java/sqlj_jdbc/pdf/wp-oracle-jdbc_thin_ssl.pdf >> >> >>> >>>> >> >> >>> >>>> I have java code working. The code requires extra properties to be set >> >> >>> >>>> - props.setProperty( "javax.net.ssl.trustStore", >> >> >>> >>>> "/tmp/cwallet.sso" ); >> >> >>> >>>> - props.setProperty( "javax.net.ssl.trustStoreType", "SSO" ); >> >> >>> >>>> how can I set these properties in the SQuirreL GUI ? >> >> >>> >>>> >> >> >>> >>>> It also requires ojpse.jar and oraclepki.jar to be in the classpath. >> >> >>> >>>> Where would be the best location to put these jars to enable SQuirreL >> >> >>> >>>> to connect to Oracle using SSL ? >> >> >>> >>>> >> >> >>> >>>> -Thanks >> >> >>> >>>> Stephen More >> >> >>> >>>> >> >> >>> >>>> ------------------------------------------------------------------------------ >> >> >>> >>>> This SF.net email is sponsored by Sprint >> >> >>> >>>> What will you do first with EVO, the first 4G phone? >> >> >>> >>>> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first >> >> >>> >>>> _______________________________________________ >> >> >>> >>>> Squirrel-sql-users mailing list >> >> >>> >>>> Squ...@li... >> >> >>> >>>> https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users >> >> >>> >>>> >> >> >>> >>> >> >> >>> >> >> >> >>> > >> >> >>> >> >> >> >> >> > >> >> >> > >> > |
