联系:手机/微信(+86 17813235971) QQ(107644445)
作者:惜分飞©版权所有[未经本人同意,不得以任何形式转载,否则有进一步追究法律责任的权利.]
随着安全意识和需求的越来越高,有一些客户要求数据库传输数据过程中对其进行加密,防止有人在网络层面通过抓包,获取数据内容,从而保证了在网络层面的数据传输安全.实现这种加密,主要是通过Database Advanced Security组件实现,主要是通过slnet.ora的配置实现数据在服务端和客户端之间传输加密.
数据库安装的安全组件和支持加密算法
[oracle@ora11g ~]$ adapters
Installed Oracle Net transport protocols are:
IPC
BEQ
TCP/IP
SSL
RAW
SDP/IB
Installed Oracle Net naming methods are:
Local Naming (tnsnames.ora)
Oracle Directory Naming
Oracle Host Naming
Oracle Names Server Naming
Installed Oracle Advanced Security options are:
RC4 40-bit encryption
RC4 56-bit encryption
RC4 128-bit encryption
RC4 256-bit encryption
DES40 40-bit encryption
DES 56-bit encryption
3DES 112-bit encryption
3DES 168-bit encryption
AES 128-bit encryption
AES 192-bit encryption
AES 256-bit encryption
MD5 crypto-checksumming
SHA-1 crypto-checksumming
Kerberos v5 authentication
RADIUS authentication
启用客户端trace
trace只是为了验证传输加密,在实际生产中该功能需要关闭,不然会比较严重影响性能和导致trace文件过多磁盘空间占用较大问题
Trace_level_client=16 Trace_directory_client=D:\app\Administrator\product\11.2.0\dbhome_1\NETWORK\ADMIN\log Trace_unique_client=on Trace_timestamp_client=on Diag_adr_enabled=off tnsping.trace_directory=D:\app\Administrator\product\11.2.0\dbhome_1\NETWORK\ADMIN\log tnsping.trace_level=admin
捕获非加密情况数据
通过对客户端trace文件的分析,基本上可以发现客户端和服务端数据传输是明码方式进行,也就是说如果有人在这个网络上捕获包,进行分析,可以知道你的应用端和数据库端的所有操作,数据存在安全隐患
----数据库登录 [24-6月 -2018 12:37:55:555] nam_gnsp: Reading parameter "SQLNET.ENCRYPTION_CLIENT" from parameter file [24-6月 -2018 12:37:55:555] nam_gnsp: Parameter not found [24-6月 -2018 12:37:55:555] naequad: Using default value "ACCEPTED" [24-6月 -2018 12:37:55:555] nam_gic: entry [24-6月 -2018 12:37:55:555] nam_gic: Counting # of items in "SQLNET.ENCRYPTION_TYPES_CLIENT" parameter [24-6月 -2018 12:37:55:555] nam_gic: Parameter not found [24-6月 -2018 12:37:55:555] nam_gic: exit [24-6月 -2018 12:37:55:555] naesno: Using default value "all available algorithms" [24-6月 -2018 12:37:55:555] naeshow: entry [24-6月 -2018 12:37:55:555] naeshow: These are the encryption algorithms that the client will accept: [24-6月 -2018 12:37:55:555] naeshow: Choice 0: no algorithm; encryption inactive [24-6月 -2018 12:37:55:555] naeshow: Choice 1: 'AES256' (ID 17) [24-6月 -2018 12:37:55:555] naeshow: Choice 2: 'RC4_256' (ID 6) [24-6月 -2018 12:37:55:555] naeshow: Choice 3: 'AES192' (ID 16) [24-6月 -2018 12:37:55:555] naeshow: Choice 4: '3DES168' (ID 12) [24-6月 -2018 12:37:55:555] naeshow: Choice 5: 'AES128' (ID 15) [24-6月 -2018 12:37:55:555] naeshow: Choice 6: 'RC4_128' (ID 10) [24-6月 -2018 12:37:55:555] naeshow: Choice 7: '3DES112' (ID 11) [24-6月 -2018 12:37:55:555] naeshow: Choice 8: 'RC4_56' (ID 8) [24-6月 -2018 12:37:55:555] naeshow: Choice 9: 'DES' (ID 2) [24-6月 -2018 12:37:55:555] naeshow: Choice 10: 'RC4_40' (ID 1) [24-6月 -2018 12:37:55:555] naeshow: Choice 11: 'DES40' (ID 3) [24-6月 -2018 12:37:55:555] naeshow: exit ----数据库执行select * from dual查询 [24-6月 -2018 12:39:38:744] nioqrc: entry [24-6月 -2018 12:39:38:744] nsbasic_bsd: entry [24-6月 -2018 12:39:38:744] nsbasic_bsd: tot=0, plen=256. [24-6月 -2018 12:39:38:744] nttfpwr: entry [24-6月 -2018 12:39:38:744] nttfpwr: socket 888 had bytes written=256 [24-6月 -2018 12:39:38:744] nttfpwr: exit [24-6月 -2018 12:39:38:744] nsbasic_bsd: packet dump [24-6月 -2018 12:39:38:744] nsbasic_bsd: 01 00 00 00 06 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 03 5E 15 61 80 00 |...^.a..| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 FE FF FF |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: FF FF FF FF FF 12 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 FE FF FF FF FF FF FF |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: FF 0D 00 00 00 FE FF FF |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: FF FF FF FF FF FE FF FF |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: FF FF FF FF FF 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 01 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 FE FF FF |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: FF FF FF FF FF 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 FE FF FF |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: FF FF FF FF FF FE FF FF |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: FF FF FF FF FF FE FF FF |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: FF FF FF FF FF 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 FE FF FF |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: FF FF FF FF FF FE FF FF |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: FF FF FF FF FF 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 12 73 65 6C 65 63 74 |..select| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 20 2A 20 66 72 6F 6D 20 |.*.from.| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 64 75 61 6C 01 00 00 00 |dual....| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 01 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_bsd: exit (0) [24-6月 -2018 12:39:38:744] nsbasic_brc: entry: oln/tot=0,prd=0 ----返回查询结果 [24-6月 -2018 12:39:38:744] nsbasic_brc: packet dump [24-6月 -2018 12:39:38:744] nsbasic_brc: 01 04 00 00 06 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 10 17 00 00 00 02 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: FC 54 0D 44 40 AD B2 74 |.T.D@..t| [24-6月 -2018 12:39:38:744] nsbasic_brc: 09 CB A2 01 A7 2D 38 78 |.....-8x| [24-6月 -2018 12:39:38:744] nsbasic_brc: 76 04 15 03 3B 28 01 00 |v...;(..| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 01 00 00 00 51 01 |......Q.| [24-6月 -2018 12:39:38:744] nsbasic_brc: 80 00 00 01 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 54 03 01 |.....T..| [24-6月 -2018 12:39:38:744] nsbasic_brc: 01 00 00 00 01 05 05 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 05 44 55 4D 4D 59 |...DUMMY| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 07 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 07 78 76 04 15 05 |...xv...| [24-6月 -2018 12:39:38:744] nsbasic_brc: 0F 0C 01 00 00 00 E8 1F |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 02 00 00 00 02 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 06 22 |......."| [24-6月 -2018 12:39:38:744] nsbasic_brc: 01 00 00 00 00 00 01 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 07 01 58 08 |......X.| [24-6月 -2018 12:39:38:744] nsbasic_brc: 06 00 7E 2D 18 00 00 00 |..~-....| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 02 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 04 01 00 00 00 13 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 01 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 02 00 00 00 03 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 00 15 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 01 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 00 00 00 00 |........| [24-6月 -2018 12:39:38:744] nsbasic_brc: 00 00 00 00 |.... | [24-6月 -2018 12:39:38:744] nsbasic_brc: exit: oln=0, dln=250, tot=260, rc=0
启用数据传输加密
这几个参数,每个参数都有几种选项,具体在下文补充说明
--服务端配置sqlnet.ora中配置,并重启监听 SQLNET.ENCRYPTION_SERVER = requested SQLNET.ENCRYPTION_TYPES_SERVER= (RC4_128) --客户端sqlnet.ora中配置 SQLNET.ENCRYPTION_CLIENT = requested SQLNET.ENCRYPTION_TYPES_CLIENT= (RC4_128)
捕获加密情况数据
----登录操作
[24-6月 -2018 12:45:16:786] nam_gnsp: Reading parameter "SQLNET.ENCRYPTION_CLIENT" from parameter file
[24-6月 -2018 12:45:16:786] nam_gnsp: Found value "requested"
[24-6月 -2018 12:45:16:786] nam_gic: entry
[24-6月 -2018 12:45:16:786] nam_gic: Counting # of items in "SQLNET.ENCRYPTION_TYPES_CLIENT" parameter
[24-6月 -2018 12:45:16:786] nam_gic: Found 1 items
[24-6月 -2018 12:45:16:786] nam_gic: exit
[24-6月 -2018 12:45:16:786] nam_gnsp: Reading parameter "SQLNET.ENCRYPTION_TYPES_CLIENT" from parameter file
[24-6月 -2018 12:45:16:786] nam_gnsp: Found value "RC4_128"
[24-6月 -2018 12:45:16:786] naeshow: entry
[24-6月 -2018 12:45:16:786] naeshow: These are the encryption algorithms that the client will accept:
[24-6月 -2018 12:45:16:786] naeshow: Choice 0: 'RC4_128' (ID 10)
[24-6月 -2018 12:45:16:786] naeshow: Choice 1: no algorithm; encryption inactive
----发送查询select * from dual
[24-6月 -2018 12:49:51:528] nttwr: socket 848 had bytes written=277
[24-6月 -2018 12:49:51:528] nttwr: exit
[24-6月 -2018 12:49:51:528] nspsend: packet dump
[24-6月 -2018 12:49:51:528] nspsend: 01 15 00 00 06 00 00 00 |........|
[24-6月 -2018 12:49:51:528] nspsend: 00 00 DF CE 9E 46 DB 71 |.....F.q|
[24-6月 -2018 12:49:51:528] nspsend: CE 88 43 9E CA 43 F8 BE |..C..C..|
[24-6月 -2018 12:49:51:528] nspsend: E8 ED 07 F1 2E 93 B6 2C |.......,|
[24-6月 -2018 12:49:51:528] nspsend: E9 5A E5 D8 06 8B DB EE |.Z......|
[24-6月 -2018 12:49:51:528] nspsend: 66 9E B5 BB 24 C0 5E 4C |f...$.^L|
[24-6月 -2018 12:49:51:528] nspsend: 33 9C 81 10 18 0F BE 30 |3......0|
[24-6月 -2018 12:49:51:528] nspsend: 79 56 4C D8 4A F9 4D 78 |yVL.J.Mx|
[24-6月 -2018 12:49:51:528] nspsend: 6A 42 24 89 D4 0D 1F 92 |jB$.....|
[24-6月 -2018 12:49:51:528] nspsend: 44 24 DA 42 15 49 22 09 |D$.B.I".|
[24-6月 -2018 12:49:51:528] nspsend: FE AF 07 EA 01 36 83 D4 |.....6..|
[24-6月 -2018 12:49:51:528] nspsend: D6 B3 16 BD 1E B2 88 93 |........|
[24-6月 -2018 12:49:51:528] nspsend: 29 39 DB 44 86 E5 C6 F2 |)9.D....|
[24-6月 -2018 12:49:51:528] nspsend: DF 87 90 4B 6E 5A 66 D3 |...KnZf.|
[24-6月 -2018 12:49:51:528] nspsend: B1 1A 3A 34 01 A9 C2 F1 |..:4....|
[24-6月 -2018 12:49:51:528] nspsend: C7 08 06 50 2B BB C4 5E |...P+..^|
[24-6月 -2018 12:49:51:528] nspsend: C0 80 D7 72 E4 D8 C0 B6 |...r....|
[24-6月 -2018 12:49:51:528] nspsend: C4 31 90 9A 3C 83 B0 16 |.1..<...|
[24-6月 -2018 12:49:51:528] nspsend: D1 AE 82 56 39 46 08 20 |...V9F..|
[24-6月 -2018 12:49:51:528] nspsend: DE D2 DC 6B BC 5F BF 7E |...k._.~|
[24-6月 -2018 12:49:51:528] nspsend: 25 2A 31 D7 A3 60 CE 7A |%*1..`.z|
[24-6月 -2018 12:49:51:528] nspsend: 42 58 0A 43 11 F5 D6 0A |BX.C....|
[24-6月 -2018 12:49:51:528] nspsend: 31 C8 96 38 F3 C2 90 6A |1..8...j|
[24-6月 -2018 12:49:51:528] nspsend: 64 50 46 B0 A2 EF 1E 9A |dPF.....|
[24-6月 -2018 12:49:51:528] nspsend: 86 11 67 C9 9B CD 8C 2B |..g....+|
[24-6月 -2018 12:49:51:528] nspsend: 2A 02 0D 9B C3 C5 D3 23 |*......#|
[24-6月 -2018 12:49:51:528] nspsend: 75 4C 4A 5B A3 85 80 C5 |uLJ[....|
[24-6月 -2018 12:49:51:528] nspsend: FA F0 6C C3 23 72 D5 28 |..l.#r.(|
[24-6月 -2018 12:49:51:528] nspsend: 0E 16 C7 C8 1B 3D CC B8 |.....=..|
[24-6月 -2018 12:49:51:528] nspsend: 06 FA D7 FB 03 EB E6 41 |.......A|
[24-6月 -2018 12:49:51:528] nspsend: 05 54 B0 5A 18 CC 7F E7 |.T.Z....|
[24-6月 -2018 12:49:51:528] nspsend: 2D 36 C4 4A E6 B2 7F F6 |-6.J....|
[24-6月 -2018 12:49:51:528] nspsend: 1E 10 5B 20 CF 60 FA D3 |..[..`..|
[24-6月 -2018 12:49:51:528] nspsend: 6E B1 F7 9E 35 92 27 BA |n...5.'.|
[24-6月 -2018 12:49:51:528] nspsend: 9A 4A F1 00 01 |.J... |
[24-6月 -2018 12:49:51:528] nspsend: 277 bytes to transport
[24-6月 -2018 12:49:51:528] nspsend: normal exit
----接收数据
[24-6月 -2018 12:49:51:528] nttrd: exit
[24-6月 -2018 12:49:51:528] nsprecv: 262 bytes from transport
[24-6月 -2018 12:49:51:528] nsprecv: tlen=262, plen=262, type=6
[24-6月 -2018 12:49:51:528] nsprecv: packet dump
[24-6月 -2018 12:49:51:528] nsprecv: 01 06 00 00 06 00 00 00 |........|
[24-6月 -2018 12:49:51:528] nsprecv: 00 00 63 2C 04 99 D8 25 |..c,...%|
[24-6月 -2018 12:49:51:528] nsprecv: 40 38 A0 30 AE 3D 24 05 |@8.0.=$.|
[24-6月 -2018 12:49:51:528] nsprecv: 97 E4 70 E9 1D 76 8B A0 |..p..v..|
[24-6月 -2018 12:49:51:528] nsprecv: 38 AD 7E D3 B1 A1 BD B7 |8.~.....|
[24-6月 -2018 12:49:51:528] nsprecv: 29 1F 0C 19 9A 0B FD D0 |).......|
[24-6月 -2018 12:49:51:528] nsprecv: F3 13 51 E0 78 C2 7C 7D |..Q.x.|}|
[24-6月 -2018 12:49:51:528] nsprecv: 37 BC AA 25 23 20 FF 05 |7..%#...|
[24-6月 -2018 12:49:51:528] nsprecv: E0 F6 AF C3 53 C9 50 2F |....S.P/|
[24-6月 -2018 12:49:51:528] nsprecv: 68 0D F1 CB CE B8 90 6B |h......k|
[24-6月 -2018 12:49:51:528] nsprecv: 90 CC B2 B5 DF D8 C3 BC |........|
[24-6月 -2018 12:49:51:529] nsprecv: F0 7A 37 E7 1B FA 3E 6B |.z7...>k|
[24-6月 -2018 12:49:51:529] nsprecv: 13 90 7A 10 1C 6D C5 40 |..z..m.@|
[24-6月 -2018 12:49:51:529] nsprecv: BC E0 B9 4F 69 10 49 4D |...Oi.IM|
[24-6月 -2018 12:49:51:529] nsprecv: B9 78 2E 28 B3 8C 05 53 |.x.(...S|
[24-6月 -2018 12:49:51:529] nsprecv: 18 99 B2 AF 46 AE 1D D7 |....F...|
[24-6月 -2018 12:49:51:529] nsprecv: 0E 19 56 28 7A B6 16 72 |..V(z..r|
[24-6月 -2018 12:49:51:529] nsprecv: 46 57 C9 7A 1C DB D1 A2 |FW.z....|
[24-6月 -2018 12:49:51:529] nsprecv: A2 35 B7 DD 63 EA 5E 07 |.5..c.^.|
[24-6月 -2018 12:49:51:529] nsprecv: F9 E1 4E 54 D0 57 63 9D |..NT.Wc.|
[24-6月 -2018 12:49:51:529] nsprecv: 12 B0 7B 6F 0C DC 98 90 |..{o....|
[24-6月 -2018 12:49:51:529] nsprecv: C1 71 3B BD DA 27 03 CE |.q;..'..|
[24-6月 -2018 12:49:51:529] nsprecv: 4B FA 5D 64 31 17 D1 CC |K.]d1...|
[24-6月 -2018 12:49:51:529] nsprecv: 49 A7 A7 47 D8 26 81 23 |I..G.&.#|
[24-6月 -2018 12:49:51:529] nsprecv: BC 9E 54 76 C9 98 07 CF |..Tv....|
[24-6月 -2018 12:49:51:529] nsprecv: CF 97 A4 70 57 68 80 16 |...pWh..|
[24-6月 -2018 12:49:51:529] nsprecv: 45 14 3D 32 06 3E 1A 06 |E.=2.>..|
[24-6月 -2018 12:49:51:529] nsprecv: 0A D6 8F 51 29 D3 A4 2E |...Q)...|
[24-6月 -2018 12:49:51:529] nsprecv: 06 0C 03 B1 7A D1 5B 3B |....z.[;|
[24-6月 -2018 12:49:51:529] nsprecv: 22 9A 6B 0F CD F7 EA 8C |".k.....|
[24-6月 -2018 12:49:51:529] nsprecv: D7 8C CE F8 B6 9E 80 01 |........|
[24-6月 -2018 12:49:51:529] nsprecv: 95 1A D8 35 31 84 D6 42 |...51..B|
[24-6月 -2018 12:49:51:529] nsprecv: 7C CC 2D 31 00 01 ||.-1.. |
[24-6月 -2018 12:49:51:529] nsprecv: normal exit
这里可以发现,通过配置相关传输加密之后,客户端trace看到的已经是加密之后的数据,也就是说这样可以确保数据传输安全,网络上就算捕获这些包,也无法知道应用端和数据库端交互的内容.
补充说明
1. ENCRYPTION_SERVER和ENCRYPTION_CLIENT参数对应关系
2. ENCRYPTION_TYPES_SERVER和ENCRYPTION_TYPES_CLIENT采用加密算法选择,可以选择adapters查看到的一种或者多种,默认为支持所有加密算法
3. 对于jdbc应用来说,可以参考下列配置方式
import oracle.jdbc.OracleConnection;
import oracle.jdbc.pool.OracleDataSource;
import java.sql.*;
import java.util.*;
class Employee1{
public static void main (String args []) throws Exception
{
OracleDataSource ods = new OracleDataSource();
Properties props = new Properties();
props.setProperty(OracleConnection.CONNECTION_PROPERTY_THIN_NET_ENCRYPTION_LEVEL, "REQUIRED");
props.setProperty(OracleConnection.CONNECTION_PROPERTY_THIN_NET_ENCRYPTION_TYPES, "(AES256,AES192,AES128)");
ods.setURL("jdbc:oracle:thin:@//yourHost:port/dbServiceName");
ods.setUser("scott");
ods.setPassword("tiger");
ods.setConnectionProperties(props);
Connection conn = ods.getConnection();
// Create a Statement
Statement stmt = conn.createStatement ();
// Select the ENAME column from the EMP table
ResultSet rset = stmt.executeQuery ("select ENAME from EMP");
// Iterate through the result and print the employee names
while (rset.next ())
System.out.println (rset.getString (1));
rset.close();
stmt.close();
conn.close();
}
}