Is it possible to use the ldap syntax similar to
jdbc:oracle:thin:#ldap://oid-uat:389/uatdb,cn=OracleContext,dc=abc,dc=xyz,dc=com
when defining driver properties for a connection using JPA in Eclipse ( I am trying with OpenJPA, but I don't suppose that matters ) ?
If I use
SID = /uatdb,cn=OracleContext,dc=abc,dc=xyz,dc=com
host = #ldap://oid-uat
Port = 389
it attaches a : after the port and that is invalid and doesn't work
The url becomes
jdbc:oracle:thin:#ldap://oid-uat:389:/uatdb,cn=OracleContext,dc=abc,dc=xyz,dc=com
which generates an error as exected.
I want to be able to set it up using ldap, so that I don't have to keep track of actual servers for different databases that I want to use for the JPA projects.
How can I set up the driver properties in Eclipse wizard ( or any file that I should change without using the wizards ) that will allow me to do this?
Related
I have a regression with a TCP\IP connection string post a firebird 3 migration from v2.5. The FirebirdClient version is 4.6.1 but I've tested with the latest stable version and it also doesn't work (v7.10.1).
The error message is "Your user name and password are not defined. Ask your database administrator to set up a Firebird login".
The stacktrace:
at FirebirdSql.Data.FirebirdClient.FbConnectionInternal.Connect()
at FirebirdSql.Data.FirebirdClient.FbConnectionPoolManager.Pool.GetConnection(FbConnection owner)
at FirebirdSql.Data.FirebirdClient.FbConnectionPoolManager.Get(ConnectionString connectionString, FbConnection owner)
at FirebirdSql.Data.FirebirdClient.FbConnection.Open()
The user was created via the IBExpert UI.
Here's how the connection string looks (not real life connection data obviously):
#"Database=inet://10.000.0.000:3050/C:\Database.FDB;User=MY_USER;Password=secret";
The same user works if using a standard same network connection string as below:
#dialect=3;initial catalog=C:\Database.FDB;data source=localhost;user id=MY_USER;password=secret;character set=ISO8859_1;pooling=True;connection lifetime=30;server type=Default;port number=3050
My firebird.conf is set like so:
ServerMode = Super
DefaultDbCachePages = 100K
FileSystemCacheThreshold = 100M
TempBlockSize = 2M
TempCacheLimit = 4000M
AuthServer = Legacy_Auth, Srp, Win_Sspi
AuthClient = Legacy_Auth, Srp, Win_Sspi
UserManager = Legacy_UserManager, Srp
WireCrypt = Enabled
RemoteServicePort = 3050
LockMemSize = 30M
LockHashSlots = 30011
RemoteAccess = true
Not sure what I'm missing here. The connection string above works with SYSDBA. According to the firebird documentation I've read it looks fine. I've read all other stackoverflow tickets with the same issue but don't see any answers that work for me. Any ideas?
Recent versions of FirebirdSql.Data.FirebirdClient support the version 13-15 wire protocol of Firebird 3, and then only support Srp authentication. Your old version supported only up to the v12 protocol (Firebird 2.5) and then would use the legacy authentication. If you created the user using the Legacy_UserManager (the default in your configuration), then you cannot authenticate with version 7.10.1 (where you could with 4.6.1), because as far as the Srp authentication plugin is concerned, the user does not exist.
It looks like you created the user either using gsec, which always applies the default user manager (FYI, gsec is deprecated since Firebird 3), or you used CREATE USER without USING PLUGIN Srp (or with USING PLUGIN Legacy_UserManager). You can verify this by checking the output of select sec$user_name, sec$plugin from sec$users. The solution would be to drop the user and then create it again with the right user manager (USING PLUGIN Srp).
Note that in theory you could have the user both for Srp and Legacy_UserManager (e.g. if the same user needs to be used by an application that cannot authenticate with Srp), but it is far more secure to have the user only exist for one plugin.
On a related note, the configuration you have applied is insecure. It is far more secure to leave out Legacy_Auth of the AuthServer setting or - if you still have applications that cannot apply Srp - to put it last (for both AuthServer and AuthClient). Similarly, it is recommended to put Legacy_UserManager last in UserManager (or leave it out entirely), so by default - if you use gsec, or don't include USING PLUGIN xxx in CREATE USER - it will create more secure Srp-type users.
I am trying to migrate an older 2.x server to 3.x due to the LDAPS connectivity requirement for a new AD tree/domain that is being created. I had to upgrade not only Freeradius but the server OS to support newer versions of TLS. I roughly had the configuration I think correct in 2.x, but cannot be 100% certain as authentication to the new AD tree structure was not completely working because of the SSL/TLS incompatibility. I am having a harder time with the new module configuration layout in 3.x.
The current 2.x performs authentication for 2 methods:
1) LDAP to the existing AD tree using a redundant server setup
2) SQL/PERL via a custom module.
The new 3.x server I need to perform 3 authentication checks via 2 methods:
1) LDAP to the existing AD tree using a redundant server setup
2) LDAPS to the new AD tree (possible redundant server setup)
3) SQL/PERL via the custom module
I have read that this may require templates for the LDAP configuration, but have not found any examples for that. Any help/guidance would be greatly appreciated.
The config is all in the LDAP module configuration file, raddb/mods-available/ldap - the ldap attribute map is in there, too.
To connect to two different LDAP servers, create two instances of the ldap module, e.g. where you have
ldap {
...
}
add another copy of that config with
ldap ldap-new {
...
}
then you can call ldap or ldap-new as appropriate in the server where needed to query the required LDAP server.
Make sure you create the appropriate symlinks to enable the module, e.g. raddb/mods-enabled/ldap -> ../mods-available/ldap.
You can certainly use templates to save duplicating config, but to begin with it's a lot easier to just copy the ldap config file, change the instance name in the new file and then tweak from there. Templates are likely to make things more confusing unless you know what you're doing.
I have an application written with spring-boot (i am new to it so please forgive me if question is dumb) that uses hibernate 4 and postgresql as DB backend.
I noticed a bunch of connections on the DB that belong to the connection pool stating: "SET extra_float_digits = 3"
Googling around, I've found that it is probably due to the use of the old protocol and that could be avoided using the assumeMinServerVersion parameter of the jdbc driver.
Now my question is: how do i pass / set that parameter from a spring-boot application?
According to this page you could set a assumeMinServerVersion parameter in the jdbc url, something like
spring.datasource.url=jdbc:postgresql://localhost/test?assumeMinServerVersion=XYZ
Iām trying to add new connection profile to Eclipses Hibernate tolls. But in configuration window I can specify only SID, but my database uses Service name. What can I do in this situation?
Oracle Thin Driver takes only SID in a New Connection Profile.
You need to select Other Driver instead of Oracle Thin Driver in New Driver Definition.
That will give you an option to give whole url in which you can give service name instead of sid.
eg) URL : jdbc:oracle:thin:#192.168.72.11:1521/serviceName
I am trying to create a jdbc connection to a postgresql database. I would like to use a datasource. In the documentation of postgresql is stated that one should not use their own implementations of the datasource, but use the implementations of org.apache.commons.dbcp instead. The SharedPoolDatasource looks perfect to me.
The jdbc driver must be postgresql. Glassfish v3.1 offers the opportunity to create a jdbc connection pool. I would like to use that one, but do not know how to make the connection between the commons datasource implementation and the jdbc driver. When I fill in the document on the glassfish server that particular field blanks out forcing me to use the postgresql datasource implementation.
Is this impossible to achieve or do I have to enter data manually in config files? So far I did not have any luck nor feedback. Exceptions should appear in the server.log, but the server.log currently does not show anything (it did show exceptions deploying jsf and ejb applications).
Should be possible....
1. Create a new JDBC Connection Pool:
2. Choose your desired Datasource Implementation Class:
You'll have to setup the details for databasename, user and password in the additional properties tab.
3. Create a new JDBC Resource: