Re: jdbc thin driver password encryption

From: Frank van Bortel <frank.van.bortel_at_gmail.com>
Date: Thu, 31 Jan 2008 19:57:38 +0100
Message-ID: <55b3c$47a21a22$524b5c40$6977@cache4.tilbu1.nb.home.nl>

thierrydagnino_at_gmail.com wrote:
> On 18 jan, 13:09, Frank van Bortel <frank.van.bor..._at_gmail.com> wrote:

>> thierrydagn..._at_gmail.com wrote:
>>> On 18 jan, 04:14, Frank van Bortel <frank.van.bor..._at_gmail.com> wrote:
>>>> thierrydagn..._at_gmail.com wrote:
>>>>> Hi,
>>>>> I am connecting from websphere to oracle 10G using jdbc thin client.
>>>>> Oracle does not have advanced encryption installed.
>>>>> Is it possible to have the user pwd used by the driver encrypted when
>>>>> we don't have the advanced encryption package installed ?
>>>>> Thank you
>>>> Are you sure your password is not encrypted?
>>>> Do you use the o3logon method?
>>>> Ref:http://download.oracle.com/docs/cd/B19306_01/network.102/b14268/asojb...
>>>> --
>>>> Regards,
>>>> Frank van Bortel
>>>> Top-posting in UseNet newsgroups is one way to shut me up
>>> I beleive the o3logon method is only available if using the advanced
>>> encryption package.
>>> Is it not ?
>> No - because thin jdbc does not support any.
>>
>> Did you not even simply click on the link above?!?
>>
>> --
>>
>> Regards,
>> Frank van Bortel
>>
>> Top-posting in UseNet newsgroups is one way to shut me up- Masquer le texte des messages précédents -
>>
>> - Afficher le texte des messages précédents -

>
> I did click on the link. I read it several times. It talks about
> encrypting content... not credentials if I am not mistaking.
>
> Anyways, thanks for your help.
>

Oracle always stores hashed (there tends to be misunderstanding about encryption - I, for one, assume encryption is two ways, hashing is one way, and therefor more secure).

I understood the question as "the network traffic needs to be encrypted" and responded to that.

-- 

Regards,
Frank van Bortel

Top-posting in UseNet newsgroups is one way to shut me up

Received on Thu Jan 31 2008 - 12:57:38 CST