I'm trying to use an aliased password as a jvm arg, but the aliased password does not seem to be provided to the web app. Here is my domain.xml config:
<jvm-options>-Dmy_password=${ALIAS=my_password_alias}</jvm-options>
However, trying to retrieve the password just returns null
String password = System.getEnv("my_password"); // returns null
and
String password = System.getProperty("my_password"); // returns "${ALIAS=my_password_alias}"
I've tried on: GlassFish Server Open Source Edition 3.1.2.2 (build 5)
Searching online it seems someone else has run into a similar issue
Question: does glassfish support password aliases for jvm args?
It works, just use System.getProperty("my_password").
Related
I'm using Spring application and stack is like: Java 11, Spring Boot 2.2.1.RELEASE.
(technology versions may vary here)
When I try to connect to the database via Data Source using Intellij IDEA, I get always the issue like:
The specified database user/password combination is rejected:
[28P01] FATAL: password authentication failded for user 'postgres'
How can I fix it?
To be noticed: this answer is similar, but not related to:
Unable to connect from Intellij to mySql running in docker container - "specified database user/password combination is rejected"
To fix it:
you need to check your application.properties file and change the value of user password on line:
spring.datasource.password=your_password
The cause of issue is:
your value of the property spring.datasource.password in application.properties
does not match the user password what was selected by default during installing your database system.
E.g. more specifically on the step "Enter the password for the database superuser (postgres)":
To clarify: provided example is for PostgreSQL, but it can be another database system.
Edit: this assumes you run Linux
if the other answer provided by invzbl3 doesn't work, check out this solution, it worked for me. Make sure to restart afterwards.
https://docs.fedoraproject.org/en-US/quick-docs/postgresql/#_initial_configuration
If you’re getting ident errors from your app you’ll probably need to perform the accepted solution described at https://serverfault.com/questions/406606/postgres-error-message-fatal-ident-authentication-failed-for-user?newreg=a4fdc3e21349449985cc65b82399c5b4
(if you don't have nano, just use any other text editor)
sudo nano /var/lib/pgsql/data/pg_hba.conf
and edit host all all 127.0.0.1/32 ident to host all all 127.0.0.1/32 md5.
This should allow most applications to connect with username/password.
Google Data Studio Connector MySQL doesn't work with MySQL 8.0 version. It seen to be an authentication problem.
My MySQL Version: 8.0.17
Linux Ubuntu
I have tried all 3 types of password Authentication Type: Standard, Casching_sha2_password and SHA256 password.
All firewall are inbound rules open.
The mysql user has wildcard %.
I expect that connect to the database, maybe tring to change any authentication configuration at the server to work like version 5.
Error message: "Não foi possível fazer a conexão ao banco de dados. Verifique seus parâmetros de conexão. Saiba mais sobre conectores de banco de dados aqui.
Código do erro: 1d3f4578" - Sorry about the portuguese. It's a generic not connection error.
I tried to use in my.cnf:
[mysqld]
default_authentication_plugin=mysql_native_password
Tks.
I confirm that Google Data Studio has problems connecting to MySQL 8.
Please see the following thread on Data Studio Help forums: https://support.google.com/datastudio/thread/4115506?hl=en
I also confirm Mysql 8 is not compatible: see another issue here:
https://support.google.com/datastudio/thread/70033771?hl=en
For future reference, as of the 29 Apr 2021 Update, Google Data Studio supports MySQL 8:
MySQL 8 support
You can now visualize data from MySQL 8 using Data Studio.
I found a workaround here (copy & paste below)
https://support.google.com/datastudio/thread/4115506?hl=en
I've just resolved the issue using ProxySQL (https://github.com/sysown/proxysql). It supports rewriting queries on the fly. Using that feature you can replace the unsupported global variables with null and then forward the query to your database, making both your database and Google Data Studio happy.
Here's a how to for your convenience.
After installation, before you start the service, edit /etc/proxysql.cnf as follows:
Section admin_variables:
Set admin password in admin_credentials variable.
It supports both plain text (eww) or hashed password (output from PASSWORD() function in MySQL). I suggest using the hashed password. The password function is not available in MySQL 8 anymore, but you can use this SELECT to generate the hash of your password:
SELECT CONCAT("*", UPPER(SHA1(UNHEX(SHA1('your_password'))))) AS password;
I've changed mysql_ifaces to 127.0.0.1 as I prefer rather restrictive policy.
Section mysql_variables:
Set default_schema to match schema we use
Set server_version to our MySQL server's version
Here you need to keep the interfaces open to public so the GDS can connect to it. However you can update the port it listens on (default is 6033).
Section mysql_servers:
Uncomment first section (except of max_replication_lag), fill in DB server's IP and port
Section mysql_users:
Uncomment first section, fill in your GDS user credentials. Again it supports both plain test and hashed format of password, use the hashed one.
Section mysql_query_rules:
This is the part doing the magic for us.
Use following rules to replace unsupported global variables with null.
{
rule_id=1
active=1
match_pattern="\#\#query_cache_size"
replace_pattern="null"
apply=0
},
{
rule_id=2
active=1
match_pattern="\#\#query_cache_type"
replace_pattern="null"
apply=0
},
{
rule_id=3
active=1
match_pattern="\#\#tx_isolation"
replace_pattern="null"
apply=0
},
Save the file. And start the service (e.g. systemctl start proxysql).
Open port 6033 (or any other you've set in the mysql_variables.interfaces) to the public in your firewall.
Update your connection in Google Data Studio to use this port.
And you should be up and running.
I have Oracle SQL Developer version 4.1.19 (64 bit) with JDK8 included.
This is working for Oracle connections which require a {username, password} combination - no problem there.
My issue is that I cannot connect with an OS Authentication configuration.
Please note that I can connect from the command line with OS authentication by using sqlplus /#MY_TNS_NAME and this works fine.
I have the SQL Developer application configured to use the OCI/Thick driver and also to use the x64 12.1.0.2.0 basic instant client. This seems to be configured ok in that if I check Help->About-Properties then sqldeveloper.oci.available has the value "true".
However, each time that I test the connection I receive the failure message
"ORA-01017: invalid username/password; logon denied"
My OS is Windows 7 Enterprise x64 SP1
I have obviously checked the option "OS Authentication" :).
Is there any other configuration that I need to change/check in order to get SQL Developer to allow me to connect via OS Authentication? (Changing the authentication type is not an option for me).
Thanks in advance.
Had the same issue. The cause is that SQL Developer's lightweight JDBC does not support extended authentication. SQL*Plus, to the contrary, is compiled against native driver, that's why it has no problem.
Solution: in SQL Developer, go
Tools -> Preferences -> Database -> Advanced Parameters
If you have Use Oracle Client already checked, just check Use OCI/Thick driver. That's all. If not, check Use Oracle Client first, and specify driver path. Idea was taken from here
Speaking about clients, Oracle allows to have a zoo of versions. If you have problems selecting working client, the cleanest option would be to use path where your SQL*Plus resides. Just strip \bin from its end, and make sure its CPU architecture matches SQL Developer.
Oracle Sql developer and sqlplus work with OS authentication in absolutely different ways.
Sql developer always tries to authorize by substituting to the user name "\".
SLQPLUS substitutes only the user name. When adding a domain to the user name.
OSAUTH_PREFIX_DOMAIN = TRUE (windows registry). Sqlplus appends the domain name to the name.
Sql developer always tries to authorize by substituting to the user name "\" without domain name.
Example 1.
CREATE USER "OPS$ORACLE.ADMIN" IDENTIFIED EXTERNALLY
PROFILE DEFAULT
DEFAULT TABLESPACE tablespace_oracle_admin
TEMPORARY TABLESPACE TEMP
QUOTA UNLIMITED ON tablespace_oracle_admin
ACCOUNT UNLOCK ;
C:\ORA\DB\product\11.2.0\dbhome_1\bin\sqlplus /
SQL> Select user from dual;
USER
___________________
OPS$ORACLE.ADMIN
To connect from sql developer with the database, it is necessary to put the "/" symbol instead of the
user name without specifying a password.
Select user from dual;
USER
___________________
OPS$ORACLE.ADMIN
Example 2.
CREATE USER "OPS$\ORACLE.ADMIN" IDENTIFIED EXTERNALLY
PROFILE DEFAULT
DEFAULT TABLESPACE tablespace_oracle_admin
TEMPORARY TABLESPACE TEMP
QUOTA UNLIMITED ON tablespace_oracle_admin
ACCOUNT UNLOCK ;
When connecting to using Sql developer, OS authentication work!!!!
Select user from dual;
USER
___________________
OPS$\ORACLE.ADMIN
Where are your Sqlnet.ora and tnsNames.ora files located?
I had to create an environment variable TNS_ADMIN with a custom location that contained my sqlnet.ora and tnsnames.ora files.
Make sure your sqlnet.ora file contains the line:
SQLNET.AUTHENTICATION_SERVICES = (NTS)
You also need to ensure that the instant client location e.g. c:/instantclient12 is the first entry in your PATH variable.
What happens when you press the test button when setting the Oracle client location in sql developer?
I want to make jdbc connection to hive server through JTDS .I am not able to find proper documentation for hive jtds connection support.I am trying the following connection string
jdbc:jtds:hive2://x.x.x.x:20000/default;user='xxx';password='xxx';
I have used JTDS on a number of projects.
If you're using JTDS for windows authentication, you require a "ntlmauth.dll" file. This file is used for windows Authentication.
http://doc.cloveretl.com/documentation/UserGuide/index.jsp?topic=/com.cloveretl.gui.docs/docs/mssql-authentication.html
This link is quite useful incase my above explanation sounded confusing.
The connection string should be in the following format:
static String URL = "jdbc:jtds:sqlserver://SERVERNAME:1433;"+
"databaseName=DATABASENAME;" + // Name of database to connect to
"useNTLMv2=true;" + // To indicate use of Windows Authentication
"domain=DOMAINNAME\\";
Hope this helped
I need to test for worklight.properties encrypted variables. I only find a doc for setting real WAS worklight server. But no doc mentions about the local testing server that shipped from WL studio.
Solution is adding a server.env file to the server directory. And put the var inside.
Detail:
http://www-01.ibm.com/support/docview.wss?uid=swg21596484
You should use the guide you've found, as there should be no difference...
WAS = WebSphere Application Server
Liberty = WebSphere Application Server Liberty profile
Liberty is a type of WAS.
To be sure, verify you are following the second option provided in the following user documentation topic: Storing properties in encrypted format