Support for SQLNET encryption
Originally Published: 2018-10-11
Article Number
Applies To
RSA Product/Service Type: Enterprise Software
RSA Version/Condition: 7.1.0
Platform:
Platform (Other): null
O/S Version: null
Product Name: RSA Identity Governance and Lifecycle
Product Description: null
Issue
SQLNET.ENCRYPTION_SERVER = required
in the $ORACLE_HOME/network/admin/sqlnet.ora file on the database server
However, SQLNET encryption is not supported in RSA Identity Governance & Lifecycle 7.1.0 and the application may fail with the following stack trace seen in aveksaServer.log
08/27/2018 11:59:30.298 ERROR (ServerService Thread Pool -- 106) [org.hibernate.hql.spi.id.IdTableHelper] Unable to use JDBC Connection to create Statement
java.sql.SQLRecoverableException: Closed Connection
at oracle.jdbc.driver.PhysicalConnection.needLine(PhysicalConnection.java:4220)
at oracle.jdbc.driver.OracleStatement.closeOrCache(OracleStatement.java:1431)
at oracle.jdbc.driver.OracleStatement.close(OracleStatement.java:1410)
at oracle.jdbc.driver.OracleStatementWrapper.close(OracleStatementWrapper.java:102)
at org.jboss.jca.adapters.jdbc.WrappedStatement.internalClose(WrappedStatement.java:1491)
at org.jboss.jca.adapters.jdbc.WrappedStatement.close(WrappedStatement.java:178)
at org.hibernate.hql.spi.id.IdTableHelper.executeIdTableCreationStatements(IdTableHelper.java:91)
at org.hibernate.hql.spi.id.global.GlobalTemporaryTableBulkIdStrategy.finishPreparation(GlobalTemporaryTableBulkIdStrategy.java:125)
at org.hibernate.hql.spi.id.global.GlobalTemporaryTableBulkIdStrategy.finishPreparation(GlobalTemporaryTableBulkIdStrategy.java:42)
at org.hibernate.hql.spi.id.AbstractMultiTableBulkIdStrategyImpl.prepare(AbstractMultiTableBulkIdStrategyImpl.java:88)
at org.hibernate.internal.SessionFactoryImpl.<init>(SessionFactoryImpl.java:455)
at org.hibernate.boot.internal.SessionFactoryBuilderImpl.build(SessionFactoryBuilderImpl.java:444)
at org.hibernate.cfg.Configuration.buildSessionFactory(Configuration.java:711)
at org.hibernate.cfg.Configuration.buildSessionFactory(Configuration.java:727)
at com.aveksa.server.db.persistence.PersistenceServiceProvider.initializeSessionFactory(PersistenceServiceProvider.java:334)
at com.aveksa.server.db.persistence.PersistenceServiceProvider.initializeSessionFactory(PersistenceServiceProvider.java:312)
at com.aveksa.server.db.PersistenceManager.getInstance(PersistenceManager.java:88)
at com.aveksa.server.db.PersistenceManager.find(PersistenceManager.java:211)
at com.aveksa.server.audit.AuditServiceProvider.loadEnabledEvents(AuditServiceProvider.java:264)
at com.aveksa.server.audit.AuditServiceProvider.start(AuditServiceProvider.java:58)
at com.aveksa.init.Startup.getAuditService(Startup.java:114)
at com.aveksa.init.Startup.init(Startup.java:57)
at com.aveksa.gui.core.ACMFramework.init(ACMFramework.java:94)
at com.aveksa.gui.core.ACMFramework.initInstance(ACMFramework.java:83)
at com.aveksa.init.InitServlet.init(InitServlet.java:42)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.handle(RunAsLifecycleInterceptor.java:65)
at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:76)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:250)
at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:133)
at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:546)
at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:517)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:559)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:101)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
at org.jboss.threads.JBossThread.run(JBossThread.java:320)
Cause
Resolution
Workaround
In $ORACLE_HOME/network/admin/sqlnet.ora set the following parameter:
SQLNET.ENCRYPTION_SERVER = accepted
Related Articles
SNMP support for RSA Identity Governance and Lifecycle Number of Views RSA Reminder: Upcoming End of Primary Support for RSA Authentication Agent 7.4 Number of Views How can I contact Customer Support for issues or questions relating to the RSA Community? Number of Views Scheduling Cleanup for Unresolvable Users and User Groups Number of Views Do the RSA SecurID Access mobile apps support the Time-based One-time Password Algorithm (TOTP)? Number of Views
Don't see what you're looking for?
