-
Bug
-
Resolution: Done
-
Critical
-
7.3.8.GA
-
None
-
False
-
False
-
Documentation (Ref Guide, User Guide, etc.), Release Notes, Compatibility/Configuration
-
Blocks Testing
-
-
-
-
-
-
-
+
-
Undefined
-
-
Caused by: java.sql.SQLException: OAUTH marshaling failure at oracle.jdbc.driver.T4CTTIoauthenticate.validateO5ServerResponse(T4CTTIoauthenticate.java:1650) at oracle.jdbc.driver.T4CTTIoauthenticate.doOAUTHWithO5Logon(T4CTTIoauthenticate.java:1469) at oracle.jdbc.driver.T4CTTIoauthenticate.doOAUTH(T4CTTIoauthenticate.java:1219) at oracle.jdbc.driver.T4CTTIoauthenticate.doOAUTH(T4CTTIoauthenticate.java:1173) at oracle.jdbc.driver.T4CConnection.authenticateUserForLogon(T4CConnection.java:1030) at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:646) at oracle.jdbc.driver.PhysicalConnection.connect(PhysicalConnection.java:1032) at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:90) at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:681) at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:602) at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:321) ... 238 more
IronJacamar automatically adds user and password properties to Driver/DataSource connection properties and Oracle JDBC driver (and/or database) seems to be sensitive to the presence of these properties.
In the case of Kerberos authentication, the user is automatically extracted from Subject and password is set to an empty string. IJ does it on multiple places, I didn't look for the exact place in this case, but one example is BaseWrapperManagedConnectionFactory.java#L1434
Here is an overview how Oracle Databases and Drivers behave with different combinations of connection properties
Database version: Oracle 12cR1
driver/props | no properties | user | password | both |
---|---|---|---|---|
12.2.0.1 | ok | ok | ok | ok |
19.3 | ok | ok | ok | ok |
19.10 | ok | ok | ok | ok |
21.1 | ok | ok | ok | ok |
Database version: Oracle 12cR2
driver/props | no properties | user | password | both |
---|---|---|---|---|
12.2.0.1 | ok | fail | ok | fail |
19.3 | ok | fail | ok | fail |
19.10 | ok | fail | ok | fail |
21.1 | ok | ok | ok | fail |
Database version: Oracle 19cR3
driver/props | no properties | user | password | both |
---|---|---|---|---|
12.2.0.1 | ok | fail | ok | fail |
19.3 | ok | fail | ok | fail |
19.10 | ok | fail | ok | fail |
21.1 | ok | ok | ok | fail |
- clones
-
JBEAP-21373 (7.4.z) JBJCA-1426 - OAUTH marshaling failure when connecting to Oracle database using Kerberos authentication
- Closed
- is incorporated by
-
JBEAP-22079 [GSS](7.3.z) Upgrade ironjacamar from 1.4.33.Final-redhat-00001 to 1.4.35.Final-redhat-00001
- Closed
- is related to
-
JBJCA-1426 Kerberos support: don't copy GSSCredential by default
- Resolved