logon denied for oracle wallet user
-
13-03-2021 - |
Pergunta
Following a video tutorial on oracle wallets: https://youtu.be/LLZzUNb9ALU
The db server is run from oracle's official docker container.
The steps I have done are as follows:
- On server shell, ran sql plus as sysdba:
$ sqlplus / as sysdba
- Created a user:
SQL> alter session set "_ORACLE_SCRIPT"=true;
SQL> CREATE USER fred identified by flintstone;
SQL> GRANT CONNECT, RESOURCE, DBA to fred;
- Tested logon:
$ sqlplus fred/flintstone
SQL> show user;
User is "fred"
- Created a wallet at default location:
$ORACLE_BASE/admin/$ORACLE_SID/wallet
$ orapki wallet create -wallet $ORACLE_BASE/admin/$ORACLE_SID/wallet -auto_login -pwd MyWalletPass
- Created a wallet profile for user
fred
:
$ mkstore -wrl $ORACLE_BASE/admin/$ORACLE_SID/wallet -createCredential $ORACLE_SID fred flintstone
- Tried to login sqlplus:
$ sqlplus /@$ORACLE_SID
This fails. Got the error ORA-01017: invalid username/password; logon denied
Not able to understand whats wrong. The final goal is to use this wallet for a nodejs application with external auth (node-oracledb). But I think if I can fix step 6 I should be able to use from nodejs.
Solução
As suggested by Andrew
The 1st part, I explicitly mentioned wallet location in sqlnet.ora
file, and also included the following line:SQLNET.WALLET_OVERRIDE=TRUE
. Also verified the correct tns entry in tnsnames.ora
. (This is already taken care of during container start, so I didn't have to do anything).
For the 2nd part, I had to use the same sqlnet.ora
with the exception that the WALLET_LOCATION
parameter was updated with the location to the wallet folder on the client machine. And for the client program, I had to set the TNS_ADMIN
environment variable; I had to point it to the folder where the former file would reside. Additionally added a tnsnames.ora
file and added a tns name (similar to the oracle service name on the db server).
Note: On the client machine, we have to be careful of the syntax in the sqlnet.ora
and the tnsnames.ora
file. Different clients have various ways to connect. I have just noted for the case of a nodejs program which used orcaledb
as the oracle client. These specific type of clients make use of the environment variable TNS_ADMIN
.