Oracle - Tomcat with Oracle Wallet
We modify the password of applications regularly, it is such a painful work every time. So I want to use Oracle Wallet instead of password in the configuration files.
At first, I test with Tomcat:
1.Copy 4 jar files from $ORACLE_HOME to $CATALINA_HOME/lib
ojdbc7.jar oraclepki.jar osdt_cert.jar osdt_core.jar
2.Create folders for tnsnames.ora and wallet.
mkdir $CATALINA_HOME/network/admin mkdir $CATALINA_HOME/network/wallet
3.Create tnsnames.ora in $CATALINA_HOME/network/admin
$ cat $CATALINA_HOME/network/admin/tnsnames.ora PPRD3_INTEGMGR = (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(Host = xxx.pprd.xxx.edu)(Port = 2336)) ) (CONNECT_DATA = (SID = PPRD) ) ) PPRD3_SSOMGR = (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(Host = xxx.pprd.xxx.edu)(Port = 2336)) ) (CONNECT_DATA = (SID = PPRD) ) )
4.Set the path of tnsnames.ora and wallet in bin/setenv.sh
export CATALINA_HOME=/l01/app/tomcat_8446 export CATALINA_PORT=8446 export JAVA_OPTS="-server -Xms2g -Xmx4g -Doracle.jdbc.autoCommitSpecCompliant=false -Dlog4j.configuration=config.properties -Doracle.net.tns_admin=${CATALINA_HOME}/network/admin -Doracle.net.wallet_location=${CATALINA_HOME}/network/wallet" CATALINA_PID="${CATALINA_HOME}/catalina${CATALINA_PORT}.pid"
5.Modify connect strings in conf/setenv.sh
<pre class="prettyprint lang-sh linenums=1 "> <Resource name="jdbc/ssomgr_integmgr_banner" auth="Container" type="javax.sql.DataSource" driverClassName="oracle.jdbc.OracleDriver" url="jdbc:oracle:thin:@PPRD3_INTEGMGR" initialSize="5" maxTotal="600" maxIdle="-1" maxWaitMillis="30000" validationQuery="select 1 from dual" accessToUnderlyingConnectionAllowed = "true" removeAbandonedOnBorrow = "true" testOnBorrow="true"/> <Resource name="jdbc/ssomgr" auth="Container" type="javax.sql.DataSource" driverClassName="oracle.jdbc.OracleDriver" url="jdbc:oracle:thin:@PPRD3_SSOMGR" initialSize="5" maxTotal="600" maxIdle="-1" maxWaitMillis="30000" validationQuery="select 1 from dual" accessToUnderlyingConnectionAllowed = "true" removeAbandonedOnBorrow = "true" testOnBorrow="true"/> </pre>
6.Create wallet on the other machine which has Oracle Client / Database installed.
echo <WALLET PWD> | mkstore -wrl /tmp/wallet -create echo <WALLET PWD> | mkstore -wrl /tmp/wallet -createCredential PPRD3_INTEGMGR INTEGMGR <DB USER PWD> echo <WALLET PWD> | mkstore -wrl /tmp/wallet -createCredential PPRD3_SSOMGR SSOMGR <DB USER PWD>
7.Copy the wallet to the Tomcat
8.Exclude jar in the Tomcat Jar Filter, in conf/catalina.properties
tomcat.util.scan.StandardJarScanFilter.jarsToSkip= Add oraclepki.jar,osdt_cert.jar,osdt_core.jar at the end.