I vote for answer #1, the manual is wrong.ĪDDENDUM: The above criticism aside, you probably want to either submit a "Reader Comment" on the bottom of the Oracle doc, or submit an SR, or both. It would seem to me that someone at Oracle updated the number from 11 to 12 without researching the implications. following implications of setting the value to 11. Turns out this Oracle doc was, so we're in luck, and they have snapshots of it dating back to 2011, preceding the CPUOct2012 by a year.Ĭuriously, if you look at the Dec 2011 version of the doc above, the paragraph you cited actually said (back then): However, you can get lucky sometimes if the page was crawled by the Internet Archive Wayback Machine. Oracle doesn't maintain a change log (such as you would find on FOSS projects, a Wikipedia article, or even the StackExchange questions). In my opinion, the most logical explanation is that Oracle updated this document many times since 2011 and the particular line you quoted is in fact incorrect today. I just tested it too, and found that I can connect with 11.2.0.3/11.2.0.4 JDBC thin clients without error, but when using older thin clients like 10.2.0.4, then I get the expected ORA-28040: No matching authentication protocol. Does anyone else have experience with both SQLNET.ALLOWED_LOGON_VERSION=12 and JDBC thin clients? We have thousands of users with many different configurations, I cannot rely on just my simple test. Is it only working in my simple test case as some undocumented feature, but will fail with other configurations?. I did have to upgrade ojdbc.jar from 11.2.0.1.0 to Oracle 11.2.0.3.0, but that is expected and also proves that the setting is truly taking affect on my server. I can connect with SQLNET.ALLOWED_LOGON_VERSION=12 and a JDBC thin client. The good news is that the manual might be wrong. I don't want to choose between decent password security and the recommended JDBC driver. Releases of OCI clients before Oracle Database 10g and all versions of JDBC thin clients cannot authenticate to the Oracle database using password-based authentication. Note the following implications of setting the value to 12: According to the Oracle Database Net Services Reference: To fix password security issues we need to set SQLNET.ALLOWED_LOGON_VERSION=12.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |