Skip to Main Content
Forums

Database Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

RADIUS authentication

markdba123May 14 2020 — edited May 21 2020

If I'm not in the correct discussion group, please let me know.

I'm running a X5-2 ODA box with DB=12.1.0.2, GRID=18.3.0.0.0 in a 2-node RAC configuration.

We are working on a project where we will authenticate database access via a RADIUS server (I'm on the db side and another coworker is on the windows side).

After initial testing, it seems that Oracle is not communicating with RADIUS.

Below is my example radius sqlnet.ora file

##

## For RADIUS/DUO/MFA

##

SQLNET.AUTHENTICATON_SERVICES=RADIUS

SQLNET.RADIUS_AUTHENTICATION=RADIUS_server_<ip address>

SQLNET.RADIUS_AUTHENTICATION_PORT=<port>

SQLNET.RADIUS_AUTHENTICATION_TIMEOUT=60

SQLNET.RADIUS_AUTHENTICATION_RETRIES=3

SQLNET.RADIUS_SECRET=/u01/app/oracle/product/12.1.0.2/dbhome_1/network/security/radius.key

SQLNET.RADIUS_CLASSPATH=/u01/app/oracle/product/12.1.0.2/dbhome_1/network/jlib/netradius6.jar

SQLNET.RADIUS_CHALLENGE_RESPONSE=OFF

##SQLNET.RADIUS_CHALLENGE_KEYWORD=()

SQLNET.RADIUS_SEND_ACCOUNTING=OFF

One question is:  which sqlnet.ora file should be modified?  The one under GRID ownership or the one under ORACLE ownership?

Has anyone successfully implemented this?

Any help would be greatly appreciated.


Cheer,
Mark

Comments

Suri
Hi,

Maximum size for VARCHAR2 is 4000. So you cant add 32767 characters to a variable which you have defined with VARCHAR2 datatype.

Below will work
DECLARE
  LEN1  NUMBER;
  STR   VARCHAR2(32767);
BEGIN
  
  STR := RPAD('*', 4000, '*');
  
  SELECT LENGTH(STR) INTO LEN1 FROM DUAL;
  DBMS_OUTPUT.PUT_LINE('LEN1: '||LEN1);
 
END;
Thanks,
Suri

Edited by: Suri on Aug 8, 2012 1:50 PM

Edited by: Suri on Aug 8, 2012 1:52 PM
APC
In your first example the database engine overrode your length for the RPAD() call with the SQL limit (4000 characters). In your second example you presented the engine with a 32K string and it hurled. This is because the engine hasn't been programmed to truncate a string which is too long.

If anything I think the first example is inconsistent. Certainly that behaviour is [url http://docs.oracle.com/cd/B28359_01/server.111/b28286/functions147.htm#i78723]not documented.

Cheers, APC
1 - 2

Post Details

Added on May 14 2020
#database-security, #database-security-general
17 comments
985 views