Tuesday 4 April 2017

SQLDeveloper/SQLcl LDAP + url + 3rd party connection tricks

SQLDeveloper/SQLcl LDAP + url + 3rd party connection tricks:

SQLDeveloper LDAP look up only tested with (i.e. only works with) OID LDAP Very little code - issue is setup for testing non default setup (with different OID setups) before release.
Note look up is at configuration save time not at live connection create time.

Can be avoided:

Note you can use url based LDAP calls (connection type -> advanced) - awkward - the ldap server is queried at connect time (for host port etc).
Note there is a different syntax depending on whether you are using thick(oci/C) or thin(pure java) driver.
These 'refer to ldap by url' connections can be exported imported etc as normal.

Old semi related LDAP blog:
http://totierne.blogspot.co.uk/2009/03/sqldeveloper-ldap-success-and-failure.html


SQLCL(+connect command) LDAP;
 http://barrymcgillin.blogspot.co.uk/2015/01/sqlcl-ldap-anyone.html
ie set LDAPCON jdbc:oracle:thin:@ldap:__WHATEVER_YOU_WANT__  use #ENTRY# for whatever you want your lookup is called eg ORCL in connect system/manager@ORCL
LDAPCON can be shell/dos environmental variable. 
This is a very thin helper search and replace for the raw 'explicit ldap url' method.

Actually you can put in connect system/manager@[1]

[1]_whatever_url_you_want_only_likely_to_work_for_jdbc:oracle:thin:_jdbc:oracle:oci__

Some 3rd party url used to work if classpath OK
That has been deemphasised not tested
I do not think we went out of our way to break it but not tested usually eventually means does not work:
http://dermotoneill.blogspot.co.uk/2010/11/workheet-hints.html
http://dermotoneill.blogspot.co.uk/2010/11/cross-database-bridge-statement.html is a special case for getting 3rd party information into Oracle database (select on 3rd party side (limited to select i.e. more likely to work), insert on Oracle side).

Thank you for your time,
Turloch
-SQLDeveloper Team

Monday 3 April 2017

Kerberos and SQLDeveloper (without Oracle Client)

Hi Kerberos users,

#1/Confirm your configuration with sqlplus.
If sqlplus works -> with Oracle Client should work.

If you do not want to use Oracle Client:
The non Oracle Client route is a different 'pure java' code path - no sqlnet.ora configuration.

#2/Cache - needs to be blank or point to a file ie not OSMFT If blank password is prompted for (nearly) each time.
#3/http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html jce may be required for some common authentication/encryption algorithms.

#4/Oracle Kerberos connection code is available at:
https://docs.oracle.com/database/121/JJDBC/clntsec.htm#JJDBC28344

#5/There is a way of tracing thin - it is documented somewhere - never used it myself (as I have access to debugging into the code) - could not find it with a few searches - from memory it involves a Man[person/process]In The Middle technique.
Old style 'C' tracing (set on the server/listener side) may be of some use.

#6/I wrote up this:
http://totierne.blogspot.co.uk/2013/02/introduction-to-tracing.html
However it was more for the text of what sql command failed rather than for connection issues.

Thank you for your time,
Turloch O'Tierney

-SQLDeveloper Team