Forum Stats

  • 3,839,092 Users
  • 2,262,450 Discussions
  • 7,900,854 Comments

Discussions

Is it possible to use oracle wallets with autologin for the connection authentication?

At first I didn't understand why it was asking me to specify a wallet if the password is mandatory anyway. Is the wallet only used for ssl certificates? Is there any way to setup the extension to authenticate through stored wallet credentials? I'm able to do so in the command line just specifying sqlplus /@TNS_CONNECTION_NAME

Best Answers

  • Christian.Shay -Oracle
    Christian.Shay -Oracle Posts: 2,167 Employee
    edited May 9, 2022 4:34PM Answer ✓

    Ok, so, if it works in vscode in a script, then I guess your question is "How do I connect like this from the connection dialog".

    To do so, can you please try the following:

    0) Go to the extension settings and make sure that "Config Files Folder" and "Wallet Folder" are set to C:\Oracle\oracle_home\network\admin

    1) Make sure your wallet, tnsnames.ora and sqlnet.ora are located in C:\Oracle\oracle_home\network\admin

    2) Open the connection dialog by pressing the plus button on the Oracle Explorer tree control

    3) Set Connection Type to "TNS Alias"

    4) Set Tns Admin Location to C:\Oracle\oracle_home\network\admin

    5) In the TNS Alias drop down select TNSNAMES_DB

    4) Check "Use Wallet File"

    5) Set Wallet File location to C:\Oracle\oracle_home\network\admin

    6) In username field put "/"

    7) Leave password field blank

    8) Press "Create Connection"

    If you receive an error, please copy and paste it here.

    Yevon

Answers

  • Are you trying to use an Autonomous Database (eg Always Free)?

    If so, once you set up the connection the first time using the connection dialog you should only need to specify the password each time you open the connection in database explorer.

    Or, if you connecting in a script, eg:

    connect myuser/[email protected]_high

    you need to make sure that the Connection Configuration: Config Files Folder and Connection Configuration: Wallet File Folder are set to the directory where your credentials files were unzipped.


    Finally, wallets are not actually required (and we will make this much more obvious in the next release - right now, our UI doesn't mention it at all)

    For more info on connecting without wallets see the Quickstart:

    Connect to Oracle Autonomous Database (Without Using Credentials Files)


    • Disable Mutual TLS (mTLS) for your ADB instance and make sure that your IP address is authorized: Follow the steps in this blog link for TLS Setup Without Wallets .
    • In the same blog link above, follow the steps to copy the TLS connect string
    • To connect from Oracle Database Explorer, click the plus sign button
    • To connect to Oracle Database from a .SQL or .PL/SQL file, press F1 to open Command Palette and select Oracle:Connect from the dropdown. Then select New Connection.
    • A connection dialog will open. In the Connection Type dropdown, select Advanced
    • Paste the connect string you copied into the Connect String box.
    • Select Default from the Role drop down list
    • Enter the username and password. (If you are new to Oracle Autonomous Database, use username ADMIN)
    • If you are using Proxy Authentication, check the Show more options checkbox and provide the proxy username and password
    • If you want to use a different schema than the default schema associated with your username, select it from the Current Schema dropdown
    • Provide a connection name to be used to reference this connection in Database Explorer and elsewhere
    • Click the Create Connection button


  • Yevon
    Yevon Member Posts: 110 Blue Ribbon
    edited May 5, 2022 10:58AM

    No, I was trying to have a centralized way for storing on premise oracle database credentials shared between different programs like sqldeveloper, vscode, sqlplus or sqlcl. So the idea was to just using tnsnames globally and a centralized wallet for external password storage with autologin enabled, and linked to your pc so if you copy the wallet to another computer it won't work. What I would need I guess is to be able to specify a jdbc string connection without specifying any password, so it uses the password from the default os wallet.

  • Yevon
    Yevon Member Posts: 110 Blue Ribbon

    For example in sqldeveloper this is set up like this:



  • Christian.Shay -Oracle
    Christian.Shay -Oracle Posts: 2,167 Employee
    edited May 5, 2022 2:02PM

    When you have this working in SQL Developer, what is your TNSNAMES entry in TNSNAMES.ORA and what does your whole SQLNET .ORA file look like? I believe this is configured in those files and you should be able to do the same with the VS Code extension.

  • Yevon
    Yevon Member Posts: 110 Blue Ribbon
    edited May 5, 2022 5:28PM

    The only connection type that does not require a password is the ODP.NET Connection String. I don't really know much about it, but I was trying this:

    The name in tsnames.ora would be TEST_DEV

    And the database username TEST


    sqlnet.ora:

    WALLET_LOCATION =  

      (SOURCE =  

       (METHOD = FILE)  

       (METHOD_DATA =  

        (DIRECTORY = C:\Oracle\oracle_home\network\admin)  

       )  

      )  

      

    SQLNET.WALLET_OVERRIDE = TRUE


    But it says invalid credentials, it is not trying to read the password from the wallet. Maybe I have to specify the wallet path with another parameter?

  • Christian.Shay -Oracle
    Christian.Shay -Oracle Posts: 2,167 Employee
    edited May 5, 2022 7:05PM

    Let's back up for a second.

    You seemed to say you have wallet only authentication set up in SQL Developer. Is that true?

    If so, you should be able to set up VS code in a similar fashion.

    What does the TNSNAMES.ORA entry look like that you use with SQL Developer?

    What does the SQLnet.ora file look like that you use with SQL Developer?

    Once you have that figured out, try to connect in a script only (forget about the connection dialog for now)

    eg:

    connect /@TNSNAMES_DB

  • Yevon
    Yevon Member Posts: 110 Blue Ribbon

    If i try connect /@TNSNAMES_DB, it works from a sql script in vscode and outputs "Connected". I have it working with sqlplus, sqlcl and sqldeveloper.

    TNSNAMES.ORA looks like this:

    TNSNAMES_DB=
     (description=
      (address_list=
       (address = (protocol = TCP)(host = host.example.url)(port = 1521))
      )
     (connect_data =
      (service_name=service.example.name)
     )
    )
    
    

    SQLnet.ora looks like this:

    WALLET_LOCATION =  
      (SOURCE =  
       (METHOD = FILE)  
       (METHOD_DATA =  
        (DIRECTORY = C:\Oracle\oracle_home\network\admin)  
       )  
      )  
      
    SQLNET.WALLET_OVERRIDE = TRUE
    


  • Christian.Shay -Oracle
    Christian.Shay -Oracle Posts: 2,167 Employee
    edited May 9, 2022 4:34PM Answer ✓

    Ok, so, if it works in vscode in a script, then I guess your question is "How do I connect like this from the connection dialog".

    To do so, can you please try the following:

    0) Go to the extension settings and make sure that "Config Files Folder" and "Wallet Folder" are set to C:\Oracle\oracle_home\network\admin

    1) Make sure your wallet, tnsnames.ora and sqlnet.ora are located in C:\Oracle\oracle_home\network\admin

    2) Open the connection dialog by pressing the plus button on the Oracle Explorer tree control

    3) Set Connection Type to "TNS Alias"

    4) Set Tns Admin Location to C:\Oracle\oracle_home\network\admin

    5) In the TNS Alias drop down select TNSNAMES_DB

    4) Check "Use Wallet File"

    5) Set Wallet File location to C:\Oracle\oracle_home\network\admin

    6) In username field put "/"

    7) Leave password field blank

    8) Press "Create Connection"

    If you receive an error, please copy and paste it here.

    Yevon
  • Yevon
    Yevon Member Posts: 110 Blue Ribbon
    edited May 10, 2022 2:57PM

    Awesome! it worked thanks! When you put a "/" in the username the password becomes optional. It would be nice making this behaviour more obvious with an inline help text or something similar under the user name field.