Connection to Oracle without a username or password

StackOverflow https://stackoverflow.com/questions/211133

  •  03-07-2019
  •  | 
  •  

Question

Oracle has this concept of allowing database users to be identified by the operating system user who is running the program that is connecting to Oracle. See here.

This allows you to do, as that user on a unix machine for example, a command such as:

sqlplus /

I am attempting to write a Java program for Oracle 10.2 which connects without a username or password. The obvious choice of url:

jdbc:oracle:thin:/@localhost:1521:MYDBSID

doesn't work, giving an error (Sorry I don't have the error available right now).

I have attempted many other forms of doing this as well, but with no luck.

Does anyone have any suggestions on how I can connect a Java program to Oracle using the OS identification method?

Was it helpful?

Solution

The JDBC Thin driver is a 100% pure Java implementation that cannot collect the needed information from the operating system.

The JDBC OCI driver can do this! Use jdbc:oracle:oci8:/@MYDBSID, it will require that the Oracle driver be installed on that machine, not a problem if this is a server (and is faster to boot and supports many more features than the thin driver)

OTHER TIPS

The jdbc driver that oracle ships does NOT have the capability of gathering the OS username and password from the URL that you provide it. Suppose, there are 3rd party JDBC driver providers for ORACLE, one of them might provide the functionality that you're asking for. you should google around.

Thanks to those that answered. We've gone with the OCI driver.

I did find documentation to suggest that Oracle 11g does support OS user authentication via the thin driver though:

http://www.orindasoft.com/public/Oracle_JDBC_JavaDoc/javadoc1110/oracle/jdbc/OracleConnection.html#CONNECTION_PROPERTY_THIN_VSESSION_OSUSER

I don't have an 11g setup to test this on, so I can't be certain this works.

If you're accessing Oracle from a J2EE appserver, you could achieve a similar end by using JNDI to acquire a datasource.

The 11g thin driver can connect using Kerberos authentication.

See Connect to an Oracle database using Kerberos

try following jdbc:oracle:thin:username/password@localhost:1521:MYDBSID

you need to specify the account information

sqlplus / as sysdba on a unix machine which go through the operation system autentication

OS authentication support in the JDBC thin driver was added in 11g (you can download the JDBC thin driver from 11.2.0.4 on OTN).

Note that you have to allow remote OS authentication on the server (over TCP) otherwise it will only work with sqlplus using IPC or BEQ locally. In your init.ora file, add this:

REMOTE_OS_AUTHENT = TRUE

Then if you user is "osuserdemo" on the client machine, create a database user like this and restart the DB:

 CREATE USER OSUSERDEMO IDENTIFIED EXTERNALLY;
 GRANT CONNECT,CREATE SESSION,RESOURCE TO OSUSERDEMO;

And the JDBC thin driver should be able to connect without any username or password.

It's worth noting that this feature - considered as highly unsecured - has been de-supported in 12c.

jdbc:oracle:oci:@ works with ojdbc6.jar and Oracle 11g2

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top