3

I have been through a variety of different SO posts and questions trying to find an answer here, but so far I've had no luck, so I'm going to ask to see if anyone has anything newer to help.

My situation: I am working on a thick-client application built in Windows Forms (it's a legacy application that was resurrected recently with a low budget and REALLY short runway to production).

  • Oracle 12.2c database, for which I do not have DBA privileges. Our security requirements will not allow our DBAs to change the SEC_CASE_SENSITIVE_LOGON to FALSE (meaning it is set to TRUE and must stay that way).
  • ODP.NET Managed Data Access DLL version 19.11.0, but I also tried with 12.2.1100
  • .NET Framework 4.6.2, but I've also tried to use ODP.Net Core with .NET Core 3, and had the same problem
  • Registry setting Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy for Enabled is set to 0,
  • I have tried wrapping the username and password in quotes in the connection string, but it still fails.
  • If I use the ODP.NET Unmanaged driver, with the exact same connection string (and all other parts identical), I can successfully connect to the Oracle 12c, but the managed driver results in ORA-01017 - invalid username/password
  • As mentioned in other posts, if I try too many times, my account will get locked, so it does hit the DB, but gets rejected.

Most relevant question/answers that I've tried (or been denied the ability to try): Oracle.ManagedDataAccess and ORA-01017: invalid username/password; logon denied

I've tried everything I've found that I am able to try, but I am still unable to get this to work. I REALLY don't want to have the Oracle client as a dependency for my application (it adds an unrealistic amount of documentation and validation for security reasons <insert eyeroll here>).

Edit to address comment below:

I had to severely edit the connection string for security reasons, but it's EZ Connect format. I am not intending to use any oracle client but my laptop does have the Oracle Client (not instant client) installed on it, with ORACLE_HOME set. I have installed the Oracle.ManagedDataAccess nuget package, as instructed by Oracle's ODP.NET documentation. This code snippet was run in LINQPad (hence the call to .Dump()). It throws the exception on the call to .Open().

I have two projects with the exact same configuration, the only difference being Oracle.DataAccess.Client vs Oracle.ManagedDataAccess.Client, with the first one working.

Code used to connect looks like this:

using Oracle.ManagedDataAccess.Client;
void Main()
{
 var cs = "USER ID=<userid removed>;DATA SOURCE=<hostname>:1571/<servicename>;PASSWORD=\"<password removed>\"";
  using (var conn = new OracleConnection(cs))
  {
    conn.Open();
    conn.GetSchema().Dump();
  }
}

The exception thrown is an OracleException and the message is ORA-01017: invalid username/password; logon denied. The stack trace looks like this:

at OracleInternal.ConnectionPool.PoolManager`3.Get(ConnectionString csWithDiffOrNewPwd, Boolean bGetForApp, CriteriaCtx criteriaCtx, String affinityInstanceName, Boolean bForceMatch) at OracleInternal.ConnectionPool.OraclePoolManager.Get(ConnectionString csWithNewPassword, Boolean bGetForApp, CriteriaCtx criteriaCtx, String affinityInstanceName, Boolean bForceMatch) at OracleInternal.ConnectionPool.OracleConnectionDispenser`3.Get(ConnectionString cs, PM conPM, ConnectionString pmCS, SecureString securedPassword, SecureString securedProxyPassword, CriteriaCtx criteriaCtx) at Oracle.ManagedDataAccess.Client.OracleConnection.Open() at UserQuery.Main() at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Threading.ThreadHelper.ThreadStart()

Here's the exception when dumped in LINQPad. enter image description here

s0n1c
  • 78
  • 9
  • you have posted a lot of info, non of which is useful for us. Where is the connection string? where is the code, how you connect? Do you use instant client or full client? etc. You need to fix this before it can be answered – T.S. Mar 24 '21 at 16:37
  • 1
    I've added info to address your comment. I am only using the nuget package, as Oracle's documentation indicates. My laptop does have the Oracle 12c 32-bit and 64-bit clients installed, which is how I am able to use the unmanaged version. – s0n1c Mar 24 '21 at 16:59
  • What errors are you getting? And how long does it take for the connection to fail? – RBarryYoung Mar 24 '21 at 17:09
  • I get an OracleException with number 1017, invalid username/password. That's all I get, every time, and it throws within a second or so. – s0n1c Mar 24 '21 at 17:27
  • **1.** go to your ora client install find TNSPING and call it from CMD. I mean, you can try, it might be already in path. But if you have 2 clients, I can't tell which will execute. you can use full path. **2.** try to use tnsnames.ora and use tns name in `DATA SOURCE=`. I think, if you use a full client, you might not be able to use the syntax `server:port/sid`. So, isolate the issue you have. **If you** answer these 2 points, we can go further. You might need #2 before #1 – T.S. Mar 24 '21 at 18:13
  • I have this doubt... you are using `Oracle.ManagedDataAccess`. you shouldn't use a full client with this. Full client is for `Oracle.DataAccess` I think, you need to install oracle ODAC. Optionally, ORacle tools for Visual Studio, will also install ODAC connectivity. I believe this is you issue. I am using `Oracle.ManagedDataAccess` with ODAC. No issues. I've used unmanaged before. Try using `tnsname` in the connection string. If this works, look to use ODAC instead of full client. You probably simply missing a driver that can understand `server:port/sid` – T.S. Mar 24 '21 at 18:21
  • I'll try ODAC, but isn't the whole point of the ManagedDataAccess package so that you aren't required to install a bunch of additional dependencies? – s0n1c Mar 24 '21 at 22:43
  • Also, to address your other comment, I have tried the many variations of connection string syntax, because I thought that was the issue at first. When I read back through the other questions related to mine, I see a lot of people just altering database settings or flipping the FIPS enabled value and resolving their issue. Unfortunately for me, I don't have those options, so I may just be stuck. I think if I have to install ODAC, I'll just make the Oracle Client a requirement and carry on. Our help desk and image team already know how manage that. I was just trying to remove the dependency. – s0n1c Mar 24 '21 at 22:45
  • And I have tried `tnsnames` entries. I have an oracle wallet that I use and it also has the same problem. No matter the connection method, it all results in the same `ORA_01017` error.. – s0n1c Mar 24 '21 at 22:46
  • *"I'll try ODAC, but isn't the whole point of the ManagedDataAccess package so that you aren't required to install a bunch of additional dependencies"* -- YES! and that would be NOT installing the Oracle client. ODAC installs a very light driver. And "managed" only knows how to interface it. Un-managed works via full client. At least that was the case when managed started to appear. – T.S. Mar 25 '21 at 14:03

0 Answers0