I'm experiencing an issue by using ODP.NET version 19.3 (latest Oracle Managed DataAccess available) to connect to Oracle 11g using a Secure External Password Store (SEPS), where the Oracle login credentials are stored in a client-side Oracle wallet.
If I switch to a classic login/password connection string, there are no problems with database connection and commands.
Furthermore, I report that all other .net applications that are using classic ODP 11 (un-managed DataAccess) have no problems to connect in SEPS mode; in fact, I'm building the first case of using ODP.NET 19.3 with SEPS and Oracle wallet mode.
In order I have:
created a wallet (with mkstore utils) for our application and put it in a directory of server: ie
C:\users\%APP_POOL_ID%\wallet
created (for all applications) a sqlnet.ora file and put it in Oracle Home directory of server: ie
%ORACLE_HOME%\Network\Admin
with the following content:
SQLNET.AUTHENTICATION_SERVICES=(NTS)
NAMES.DIRECTORY_PATH=(TNSNAMES,LDAP,EZCONNECT,HOSTNAME)
names.ldap_conn_timeout = 1
WALLET_LOCATION=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=c:\users\%APP_POOL_ID%\wallet)))
SQLNET.WALLET_OVERRIDE = TRUE
DIAG_ADR_ENABLED = off
using the following ConnectionString:
Data Source=DS_NAME_1; User ID=[USER_ID_1];Proxy User Id=[USER_ID_1];
Note: User ID and Proxy User Id are specified with square brackets inside connection string.
This is the exception with stack trace we obtain:
Oracle.ManagedDataAccess.Client.OracleException: ORA-01017: invalid username/password; logon denied
at OracleInternal.ConnectionPool.PoolManager`3.Get(ConnectionString csWithDiffOrNewPwd, Boolean bGetForApp, OracleConnection connRefForCriteria, String affinityInstanceName, Boolean bForceMatch)
at OracleInternal.ConnectionPool.OraclePoolManager.Get(ConnectionString csWithNewPassword, Boolean bGetForApp, OracleConnection connRefForCriteria, String affinityInstanceName, Boolean bForceMatch)
at OracleInternal.ConnectionPool.OracleConnectionDispenser`3.Get(ConnectionString cs, PM conPM, ConnectionString pmCS, SecureString securedPassword, SecureString securedProxyPassword, OracleConnection connRefForCriteria)
at Oracle.ManagedDataAccess.Client.OracleConnection.Open()
and this is a portion of the trace I obtain enabling by <oracle.manageddataaccess.client> config section:
>[...]
>(PRI) (TUN) OracleTuningAgent::Unegister(): Unegistered pool Data Source=DS_NAME_1; User ID=;Proxy User Id=[USER_ID_1];
>[...]
Additionally, in another trace file, it's possible to see the WriteOAuthMessage passes BLANK password to DB:
>(PRI) (TTC) (EXT) TTCAuthenticate.ReadOSessKeyResponse()
>(PRI) (SVC) (ENT) OracleConnectionImpl.CheckForAnyErrorFromDB()
>(PRI) (SVC) (EXT) OracleConnectionImpl.CheckForAnyErrorFromDB()
>(PRI) (TTC) (ENT) TTCAuthenticate.WriteOAuthMessage()
>(PRI) (TTC) (ENT) TTCAuthenticate.WriteOAuthMessage()
>(PRI) (TTC) (ENT) TTCFunction.WriteFunctionHeader()
>(PRI) (TTC) (ENT) TTCMessage.WriteTTCCode()
>(PRI) (TTC) (EXT) TTCMessage.WriteTTCCode()
>(PRI) (TTC) (EXT) TTCFunction.WriteFunctionHeader()
>(PRI) (TTC) (EXT) TTCAuthenticate.WriteOAuthMessage()
>(PRI) (TTC) (EXT) TTCAuthenticate.WriteOAuthMessage()
>(NET) (SND) 00 00 03 80 06 00 00 00 |........|
>(NET) (SND) 00 00 |.. |
>(NET) (SND) 03 73 00 01 01 06 02 01 |.s......|
>[..user removed..]
>(NET) (SND) 41 55 54 48 5F 50 41 53 |AUTH_PAS|
>(NET) (SND) 53 57 4F 52 44 01 40 40 |SWORD.@@|
>(NET) (SND) 00 00 00 00 00 00 00 00 |........|
>(NET) (SND) 00 00 00 00 00 00 00 00 |........|
>(NET) (SND) 00 00 00 00 00 00 00 00 |........|
>(NET) (SND) 00 00 00 00 00 00 00 00 |........|
>(NET) (SND) 00 00 00 00 00 00 00 00 |........|
>(NET) (SND) 00 00 00 00 00 00 00 00 |........|
>(NET) (SND) 00 00 00 00 00 00 00 00 |........|
>(NET) (SND) 00 00 00 00 00 00 00 00 |........|
I excluded the problem is a really wrong login/password by logging in the server machine with user credentials and test connection to the database via sqlplus command.
Can anyone help me?
Many thanks!
