WebSphere to Oracle - doesn't accept correct password

Question

In WebSphere 6.1 I have created a datasource to an Oracle 11g instance using the thin JDBC client.

In Oracle I have two users, one existing and another newly created.

My websphere datasource is OK if I use the component-managed authentication alias of the existing user, but fails with "invalid user/password" message if I use the alias of the new user. The error message is:

The test connection operation failed for data source MyDB (Non-XA) on 
server nodeagent at node MY_node with the following exception: 
java.sql.SQLException: ORA-01017: invalid username/password; 
logon denied DSRA0010E: SQL State = 72000, Error Code = 1,017. 
View JVM logs for further details.

There is nothing in the JVM logs. I have grepped all websphere logs and they do not mention my connection at all.

I can confirm that the username and password are correct by logging in via SQLPlus or (to prove the JDBC connection is OK) via SQuirreL.

I have checked in Oracle that the new user has all the system privs that the existing user has.

Any thoughts on what is going on or how I can debug this further?

Answer 1

If this happens to anyone else, I restarted WebSphere and all my problems went away. It's a true hallmark of quality software.

Answer 2

Oftentimes when people tell me they can't log into Oracle 11g with the correct password, I know they've been caught out by passwords becoming case-sensitive between 10g and 11g.

Answer 3

Just FYI. I am guessing you are running WebSphere in Network Deployment mode. This behavior you're experiencing is actually by design.

The reason for it is that the "Test Connection" button you see on the admin console, invokes the JDBC connection test from within the process of the Node Agent. There is no way for the J2C Alias information to propagate to the Node Agent without restarting it; some configuration objects take effect in WebSphere as soon as you save the configuration to the master repository, and some only take effect on a restart. J2C aliases take effect on restarts.

In a Network Deployment topology, you may have any number of server instances controlled by the same Node Agent. You may restart your server instances as you'd like, but unless you restart the Node Agent itself, the "test connection" button will never work.

It's a known WebSphere limitation... Which also exists on version 7.0, so don't be surprised when you test it during your next migration. :-)

Answer 4

Try this : data source definition security use the j2c alias both autentication managed by component and autentication managed by container

Answer 5

IBM WAS 8.5.5 Knowledge Center -
Managing Java 2 Connector Architecture authentication data entries for JAAS

If you create or update a data source that points to a newly created J2C authentication data alias, the test connection fails to connect until you restart the deployment manager.

After you restart the deployment manager, the J2C authentication data is reflected in the runtime configuration. Any changes to the J2C authentication data fields require a deployment manager restart for the changes to take effect.

The node agent must also be restarted.