Java Connectivity with EECS using 12.2 or 12.1 JDBC driver
Oracle Database Exadata Express Cloud Service (EECS) is a FULLY MANAGED database service targeted for production applications that consist of small to medium sized data. Access EECS from Java SE applications, Java web applications (i.e., Servlets) and Java EE containers using the Oracle JDBC and the Universal Connection Pool (UCP). The security is enforced by using TLS v1.2 and Java KeyStore (JKS) files which can be downloaded from the service console. Click on any of the links for steps to establish a connection.
- Prerequisites (Applicable for all of these)
- Plain JDBC
- Using Developer Tools (Eclipse, IntelliJ etc.,)
- Trouble Shooting Tips
- Using JDBC-OCI
Prerequisites
-
Step 1- Enable Client Access: Go to the Exadata Express service console and enable the client access on the console.
-
Step 2 - Get the Client Credentials: Click "Download Client Credentials" on the console to get client_credentials.zip. Unzip it to a directory securely so that only authorized users have access to them.
-
Step 3 - JDK version: If you are using JDK11, JDK10, or JDK9 then you don't need anything. If your JDK version is less than JDK8u162 then download the JCE Unlimited Strength Jurisdiction Policy Files. Refer to README for installation notes.
-
Step 4 - JDBC Driver: Download the 12.2.0.1 JDBC Thin driver (ojdbc8.jar) and ucp.jar
Note: For 12.1.0.2 version, you must use a patched JDBC Thin driver (ojdbc7.jar) ) or apply a patch for the bug 23176395. Refer to the MOS note 2122800.1 for more details.
1. Plain JDBC
-
Step 1: Make sure that prerequisites are met.
-
Step 2: Download DataSourceSample.java or UCPSample.java and update the connection URL to have the tns alias as the service name. Example: DB_URL="jdbc:oracle:thin:@dbaccess".
-
Step 3: Compile and run the sample by passing the JKS related connection properties either as system properties or as connection properties. Refer to the OracleConnection for more details on setting them as connection level property.
-
Sample Commands to Run
[Linux]
java -Doracle.net.tns_admin=/home/myuser/cloud \
-Doracle.net.ssl_server_dn_match=true \
-Doracle.net.ssl_version=1.2 \ (Only for 12.1.0.2 JDBC driver)
-Djavax.net.ssl.trustStore=/home/user/cloud/truststore.jks \
-Djavax.net.ssl.trustStorePassword=welcome1 \
-Djavax.net.ssl.keyStore=/home/user/cloud/keystore.jks \
-Djavax.net.ssl.keyStorePassword=welcome1 \
UCPSample
[Using Connection Properties]
Properties info = new Properties();
info.put(OracleConnection.CONNECTION_PROPERTY_USER_NAME, DB_USER);
info.put(OracleConnection.CONNECTION_PROPERTY_PASSWORD, DB_PASSWORD);
info.put(OracleConnection.CONNECTION_PROPERTY_TNS_ADMIN,"home/user/cloud/");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_SSL_VERSION,"1.2");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_SSL_SERVER_DN_MATCH,"true");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_JAVAX_NET_SSL_KEYSTORE, "home/user/cloud/keystore.jks");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_JAVAX_NET_SSL_KEYSTOREPASSWORD,"Welcome1");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_JAVAX_NET_SSL_TRUSTSTORE, "/home/user/cloud/truststore.jks");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_JAVAX_NET_SSL_TRUSTSTOREPASSWORD,"Welcome1");
OracleDataSource ods = new OracleDataSource();
ods.setURL(DB_URL);
ods.setConnectionProperties(info);
try (OracleConnection connection = (OracleConnection) ods.getConnection()) { }
Connection using JDBC-OCI driver using Wallets
-
Download and Install Oracle Instant Client from this path.
-
Set the location of Instant Client as shown below.
[Linux] export LD_LIBRARY_PATH=/home/myuser/instantclient_12_1:$LD_LIBRARY_PATH
[Windows] set PATH=C:\instantclient_12_1;%PATH%
-
Unzip the client_credentials.zip file to a directory. For example move the files to /home/myuser/cloud or C:\CloudTest
Store the Oracle Wallets (*.sso, *.p12) securely so that only users authorized to connect to the Exadata Express service have access to them. By default, Oracle recommends granting permissions only to the owner of the files.
-
Edit the unzipped sqlnet.ora file and set the DIRECTORY value to the location where the zip file contents were placed.
For example change the path:
WALLET_LOCATION = (SOURCE = (METHOD = file)
(METHOD_DATA = (DIRECTORY=?/network/admin)))
Linux:
WALLET_LOCATION = (SOURCE = (METHOD = file)
(METHOD_DATA = (DIRECTORY=/home/myuser/cloud)))
Windows:
WALLET_LOCATION = (SOURCE = (METHOD = file)
(METHOD_DATA = (DIRECTORY=C:\CloudTest)))
-
Set the TNS_ADMIN environment variable to the directory where the unzipped files are located. Make sure that sqlnet.ora file is also located in this path.
[Linux] export TNS_ADMIN=/home/myuser/cloud
[Windows] set TNS_ADMIN=C:\CloudTest
-
Make sure to have JDBC driver (ojdbc8.jar or ojdbc7.jar) in the classpath. The sample connection string to be used is "jdbc:oracle:oci:@dbaccess"
-
Run the sample using the command java OCISample
Exadata Express Resources
- Help Center | User Guide | What's New | Known Issues - Manuals
- Instant Client | Scripting Languages | SQL*Plus - for Exadata Express
Other Developer Resources
- JDBC and UCP Landing Page - for Whitepapers, Javadoc, Forum etc.,
Step 1- Enable Client Access: Go to the Exadata Express service console and enable the client access on the console.
Step 2 - Get the Client Credentials: Click "Download Client Credentials" on the console to get client_credentials.zip. Unzip it to a directory securely so that only authorized users have access to them.
Step 3 - JDK version: If you are using JDK11, JDK10, or JDK9 then you don't need anything. If your JDK version is less than JDK8u162 then download the JCE Unlimited Strength Jurisdiction Policy Files. Refer to README for installation notes.
Step 4 - JDBC Driver: Download the 12.2.0.1 JDBC Thin driver (ojdbc8.jar) and ucp.jar
Note: For 12.1.0.2 version, you must use a patched JDBC Thin driver (ojdbc7.jar) ) or apply a patch for the bug 23176395. Refer to the MOS note 2122800.1 for more details.
Step 1: Make sure that prerequisites are met.
Step 2: Download DataSourceSample.java or UCPSample.java and update the connection URL to have the tns alias as the service name. Example: DB_URL="jdbc:oracle:thin:@dbaccess".
Step 3: Compile and run the sample by passing the JKS related connection properties either as system properties or as connection properties. Refer to the OracleConnection for more details on setting them as connection level property.
Sample Commands to Run
[Linux]
java -Doracle.net.tns_admin=/home/myuser/cloud \
-Doracle.net.ssl_server_dn_match=true \
-Doracle.net.ssl_version=1.2 \ (Only for 12.1.0.2 JDBC driver)
-Djavax.net.ssl.trustStore=/home/user/cloud/truststore.jks \
-Djavax.net.ssl.trustStorePassword=welcome1 \
-Djavax.net.ssl.keyStore=/home/user/cloud/keystore.jks \
-Djavax.net.ssl.keyStorePassword=welcome1 \
UCPSample
[Using Connection Properties]
Properties info = new Properties();
info.put(OracleConnection.CONNECTION_PROPERTY_USER_NAME, DB_USER);
info.put(OracleConnection.CONNECTION_PROPERTY_PASSWORD, DB_PASSWORD);
info.put(OracleConnection.CONNECTION_PROPERTY_TNS_ADMIN,"home/user/cloud/");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_SSL_VERSION,"1.2");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_SSL_SERVER_DN_MATCH,"true");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_JAVAX_NET_SSL_KEYSTORE, "home/user/cloud/keystore.jks");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_JAVAX_NET_SSL_KEYSTOREPASSWORD,"Welcome1");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_JAVAX_NET_SSL_TRUSTSTORE, "/home/user/cloud/truststore.jks");
info.put(OracleConnection.CONNECTION_PROPERTY_THIN_JAVAX_NET_SSL_TRUSTSTOREPASSWORD,"Welcome1");
OracleDataSource ods = new OracleDataSource();
ods.setURL(DB_URL);
ods.setConnectionProperties(info);
try (OracleConnection connection = (OracleConnection) ods.getConnection()) { }
Download and Install Oracle Instant Client from this path.
Set the location of Instant Client as shown below.
[Linux] export LD_LIBRARY_PATH=/home/myuser/instantclient_12_1:$LD_LIBRARY_PATH
[Windows] set PATH=C:\instantclient_12_1;%PATH%Unzip the client_credentials.zip file to a directory. For example move the files to /home/myuser/cloud or C:\CloudTest
Store the Oracle Wallets (*.sso, *.p12) securely so that only users authorized to connect to the Exadata Express service have access to them. By default, Oracle recommends granting permissions only to the owner of the files.
Edit the unzipped sqlnet.ora file and set the DIRECTORY value to the location where the zip file contents were placed.
For example change the path:
WALLET_LOCATION = (SOURCE = (METHOD = file)
(METHOD_DATA = (DIRECTORY=?/network/admin)))Linux:
WALLET_LOCATION = (SOURCE = (METHOD = file)
(METHOD_DATA = (DIRECTORY=/home/myuser/cloud)))Windows:
WALLET_LOCATION = (SOURCE = (METHOD = file)
(METHOD_DATA = (DIRECTORY=C:\CloudTest)))Set the TNS_ADMIN environment variable to the directory where the unzipped files are located. Make sure that sqlnet.ora file is also located in this path.
[Linux] export TNS_ADMIN=/home/myuser/cloud
[Windows] set TNS_ADMIN=C:\CloudTestMake sure to have JDBC driver (ojdbc8.jar or ojdbc7.jar) in the classpath. The sample connection string to be used is "jdbc:oracle:oci:@dbaccess"
Run the sample using the command java OCISample