Re: JDBC Thin and SQL*Net encryption
- From: Richard Ji <richard.c.ji@xxxxxxxxx>
- To: GJohnson@xxxxxxx
- Date: Thu, 23 Dec 2004 15:47:29 -0500
It's still possible to do with JDBC thin and Oracle ASO.
You will use oracle.net package to set properties and
open a DB connection with that properties object.
Like:
Properties props = new Properties();
try {
props.put("oracle.net.encryption_client", "REQUIRED");
props.put("oracle.net.encryption_types_client", "RC4_40 ");
props.put("oracle.net.crypto_checksum_client","REQUESTED");
props.put("oracle.net.crypto_checksum_types_client", " MD5 ");
props.put("user", "scott");
props.put("password","tiger");
} catch (Exception e) { e.printStackTrace(); }
Connection conn =
DriverManager.getConnection("jdbc:oracle:thin:@mydbhost:1521:orcl",
props);
On Thu, 23 Dec 2004 08:23:05 -0000, Johnson, George <GJohnson@xxxxxxx> wrote:
>
> We have been told by our auditors, that all SQL*Net traffic must now
> be encrypted to prevent snooping! We have one or two commercial JDBC apps
> using Thin connection methods. I suspect the answer is no, but other than
> programmatically within the code, is there any way to allow JDBC thin apps
> to utilise encrypted SQL*Net links to the DB listeners? I know OCI can as it
> gets to read the SQLNET.ORA configuration, but if I understand correctly,
> thin is entirely "standalone".
>
> Apologies in advance, I have only recently started "playing" with
> JDBC coding for my personal interest, so my knowledge of the technology may
> not be entirely correct.
>
> Rgds
> George J
>
> ****************************************************************************
> This message contains confidential information and is intended only
> for the individual or entity named. If you are not the named addressee
> you should not disseminate, distribute or copy this e-mail.
> Please notify the sender immediately by e-mail if you have received
> this e-mail by mistake and delete this e-mail from your system.
> E-mail transmission cannot be guaranteed to be secure or error-free
> as information could be intercepted, corrupted, lost, destroyed, arrive
> late or incomplete, or contain viruses. The sender therefore does not
> accept liability for any errors or omissions in the contents of this
> message which arise as a result of e-mail transmission.
> If verification is required please request a hard-copy version.
> This message is provided for informational purposes and should not
> be construed as an invitation or offer to buy or sell any securities or
> related financial instruments.
> GAM operates in many jurisdictions and is
> regulated or licensed in those jurisdictions as required.
> ****************************************************************************
>
> --
> //www.freelists.org/webpage/oracle-l
>
--
//www.freelists.org/webpage/oracle-l
Other related posts:
