Create an Oracle data source using Kerberos and Thin driver
Official documentation and software
For full information about Oracle, refer to the official documentation.
To download Oracle database software, refer to the official software downloads.
For more versions of Oracle JDBC driver, refer to the official JDBC driver downloads.
DataGrip uses JDBC drivers to connect to the Oracle server through the TNS protocol. The following driver modes are available:
In Thin mode, the JDBC driver always connects to the TNS listener. In this mode, various versions of the JDBC driver can be used.
In OCI mode, the JDBC driver uses native libraries. In this case, the JDBC driver's version must be the same as the version of these native libraries.
Prerequisites
This tutorial does not cover the configuration of Windows Server and Oracle instances. Consider reading the official documentation of these vendors.
Client side
Before configuring the connection in DataGrip, ensure that you have configured and got the following prerequisites:
Configured krb5.conf.
Configured Kerberos client to run
kinit
. For more information about configuring and installing Kerberos, refer to the Kerberos documentation at web.mit.edu.
Server side
For more information about configuring the server side, refer to the following links.
Oracle instance with Kerberos. The following links might be useful:
Windows Server with configured Active Directory authentication.
Kerberos installed and configured on your Windows Server machine. The following documentation might help you:
Configuring data source in DataGrip
First, you need to obtain a ticket for a user. To obtain the ticket, you need to run the kinit
command with the username.
Run kinit in the command prompt
In the command prompt or in the terminal, run the following command:
kinit oraclekrbInstead of
oraclekrb
, use your username.Enter a password for the username.
Create a data source
To connect to the database, create a data source that will store your connection details. You can do this using one of the following ways:
In the main menu, go to Oracle.
and selectIn the Database Explorer ( ) , click the New icon () in the toolbar. Navigate to Data Source and select Oracle.
From the Connection type list, select SID.
In the Host field, type the host address of your database.
In the SID field, enter the instance name. You can ask your database administrator for the instance name or try running the following query in the command prompt when connected to the instance with your user:
SELECT sys_context('userenv','instance_name') FROM dual;From the Driver list, select Thin.
From the Authentication list, select Kerberos.
On the General tab, click Test Connection to ensure that the connection is successful.
Check an authentication method
Run the following query from the data editor:
SELECT sys_context('userenv', 'authentication_method') FROM dual;
Troubleshooting
EncryptionKey: Key bytes cannot be null!
There are cases when the connection does not work with the Oracle driver 21.1.0.0. Try switching to other driver versions (for example, 19.8.0.0 or 12.2.0.1). For more information about changing the driver's version, refer to Change the driver version.