Re: JDBC Thin and SQL*Net encryption

It's still possible to do with JDBC thin and Oracle ASO.
You will use oracle.net package to set properties and
open a DB connection with that properties object.

Like:

Properties props = new Properties();

try {
 props.put("oracle.net.encryption_client", "REQUIRED");
 props.put("oracle.net.encryption_types_client", "RC4_40 ");
 props.put("oracle.net.crypto_checksum_client","REQUESTED");
 props.put("oracle.net.crypto_checksum_types_client", " MD5 ");
 props.put("user", "scott");
 props.put("password","tiger");
} catch (Exception e) { e.printStackTrace(); }

Connection conn =
DriverManager.getConnection("jdbc:oracle:thin:@mydbhost:1521:orcl",
props);


On Thu, 23 Dec 2004 08:23:05 -0000, Johnson, George <GJohnson@xxxxxxx> wrote:
> 
>         We have been told by our auditors, that all SQL*Net traffic must now
> be encrypted to prevent snooping! We have one or two commercial JDBC apps
> using Thin connection methods. I suspect the answer is no, but other than
> programmatically within the code, is there any way to allow JDBC thin apps
> to utilise encrypted SQL*Net links to the DB listeners? I know OCI can as it
> gets to read the SQLNET.ORA configuration, but if I understand correctly,
> thin is entirely "standalone".
> 
>         Apologies in advance, I have only recently started "playing" with
> JDBC coding for my personal interest, so my knowledge of the technology may
> not be entirely correct.
> 
>         Rgds
>         George J
> 
> ****************************************************************************
> This message contains confidential information and is intended only
> for the individual or entity named.  If you are not the named addressee
> you should not disseminate, distribute or copy this e-mail.
> Please notify the sender immediately by e-mail if you have received
> this e-mail by mistake and delete this e-mail from your system.
> E-mail transmission cannot be guaranteed to be secure or error-free
> as information could be intercepted, corrupted, lost, destroyed, arrive
> late or incomplete, or contain viruses.  The sender therefore does not
> accept liability for any errors or omissions in the contents of this
> message which arise as a result of e-mail transmission.
> If verification is required please request a hard-copy version.
> This message is provided for informational purposes and should not
> be construed as an invitation or offer to buy or sell any securities or
> related financial instruments.
> GAM operates in many jurisdictions and is
> regulated or licensed in those jurisdictions as required.
> ****************************************************************************
> 
> --
> http://www.freelists.org/webpage/oracle-l
>
--
http://www.freelists.org/webpage/oracle-l

Other related posts: