I'm using Oracle JDBC driver in my Java app to reach Oracle DB. Creating the connection using code:
DriverManager.getConnection(
"jdbc:oracle:thin:@myserver:port:mySID",
"myuser",
"mypassword");
requires the real password. Is there a way to specify the password hash instead such as:
DriverManager.getConnection(
"jdbc:oracle:thin:@myserver:port:mySID",
"myuser",
"mypasswordHash");
You are correct: sqlnet. ora is exclusive to the JDBC thick/OCI driver. Changing parameters in sqlnet. ora will have no effect on the JDBC thin connection.
Oracle Advanced Security, previously known as the Advanced Networking Option (ANO) or Advanced Security Option (ASO), includes features to support data encryption, data integrity, third-party authentication, and authorizations. Oracle JDBC supports most of these features.
JDBC is a database connection protocol, it's as secure as all other means to connect to database. Most secure issues have nothing to do with JDBC protocol itself. For example, you can minimize the risk of SQL Injection by using Prepared Statement.
An Always Encrypted enabled driver, such as the Microsoft JDBC Driver 6.0 (or higher) for SQL Server, achieves this behavior by transparently encrypting and decrypting sensitive data in the client application.
According to Does the Oracle JDBC client encrypt password when you make a connection? there is no need to use a hash when connecting. If you just want nobody to be able to read the password in plain text then have a look at Encrypt Password in Configuration Files?.
Oracles approach closest to obfuscation seems to be wallets with "auto login": For a Java example see http://sysapp.wordpress.com/2010/08/31/how-to-oracle-wallet-with-jdbc-thin-driver-datasource-tomcat/. But this seems to require specific Oracle Admin actions: see How to Create a Complete Wallet (maybe your DBA knows more about it). For other options to connect without a password in the clear see JDBC Client-Side Security Features.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With