Last week, I was appointed to develop a Java program that should connect to an external secure socket, in order to get data provided by a partner company. Another requisite was that the module should be stored on an Oracle 11g Database, so I must use a 1.5 JDK. Easy, I thought!
First of all, I review Java Secure Socket Extension (JSSE) Reference Guide. Our company partner IT team provided me with the key store containing the certificate I should trust and I decide to program a custom SSL context:
... KeyStore keyStoreTrust = KeyStore.getInstance("PKCS12"); keyStoreTrust.load(this.getClass().getResourceAsStream("KeyStoreTrust.pfx"), "password".toCharArray()); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX"); trustManagerFactory.init(keyStoreTrust); SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, trustManagerFactory.getTrustManagers(), null); ...
The first problem arose when the server socket (developed in Microsoft .NET C#) unexpectedly closed the connection during the handshake, the support guy of my partner company said me that they got the following error message: “The client and server cannot communicate, because they do not possess a common algorithm”. Therefore, I delved into the problem and finally I realized that the server wanted to use a TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher suite, which wasn’t supported by the security providers shipped with the JDK 1.5 I’d like to point out that a key point to find out the source of the error was to activate the debug of the SSL connection:
Hence, I decided to add to my program the well-known Bouncy Castle security provider, which supports the required cipher suite and it’s 1.5 compliant:
Once I sorted out the problem, everything started to work properly, at least as an stand-alone client! So, I created a “Loadjava and Java Stored Procedures” profile in my JDeveloper IDE, in order to deploy the software to the Oracle Database 11.2, but when I tried to do it I got the following errors:
Invoking loadjava on connection 'Test11g_Paco' with arguments: -order -resolve -definer -thin -resolver ((* TEST) (* PUBLIC) (* -)) -synonym errors : class org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey ORA-29552: verification warning: java.lang.NoClassDefFoundError: java/security/interfaces/ECPrivateKey errors : class org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPublicKey ORA-29552: verification warning: java.lang.NoClassDefFoundError: java/security/interfaces/ECPublicKey errors : class org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey ORA-29552: verification warning: java.lang.NoClassDefFoundError: java/security/interfaces/ECPrivateKey errors : class org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey ORA-29552: verification warning: java.lang.NoClassDefFoundError: java/security/interfaces/ECPublicKey errors : class org/bouncycastle/jce/provider/JCEECPrivateKey ORA-29552: verification warning: java.lang.NoClassDefFoundError: java/security/interfaces/ECPrivateKey errors : class org/bouncycastle/jce/provider/JCEECPublicKey ORA-29552: verification warning: java.lang.NoClassDefFoundError: java/security/interfaces/ECPublicKey Loadjava finished.
I can’t understand the problem because the interfaces java.security.interfaces.ECPublicKey and java.security.interfaces.ECPrivateKey are available in 1.5 and the Oracle Database 11.2 JVM is supposed to be 1.5 compliant, but I couldn’t find any satisfactory solution.
I’ve been a fan of developing Java software stored in Oracle Databases for the last years, it’s the perfect partner of PL/SQL, where this structured language is difficult to deal with or simply can’t achieve the goal.
One of my first problems was remote debugging, a common issue for every programmer.
First of all, I asked my DBA for the DEBUG CONNECT SESSION system privilege. When I got it, I had to configure my JDeveloper project for remote debugging, I started using the version 10g of this powerful IDE, so I changed the project properties in order to listen for JPDA (Java Platform Debugger Architecture) connections:
Nowadays, I’m working with JDeveloper 11g, where I have to configure a Run/Debug/Profile within the project properties, clicking on the Remote Debugging check-box of the Launch Settings and adjusting the same parameters of the former version:
Later on, the next step was to set the breakpoints I needed in the code, so I could go to the menu Run → Debug, in order to listen for remote debugging sessions. At this point, I was asked for the details of the connection:
Once I started the listening process, I could check for it checking the Run Manager.
The next step was to run SQL*Plus (nowadays I use SQLDeveloper), logging on the Database and calling the procedure dbms_debug_jdwp.connect_tcp with two VARCHAR2 parameters: the IP direction of my PC and the port where my IDE was listening for JPDA connections.
After that, I started my debugging session calling the PL/SQL wrapper from SQL*Plus.
When I finished my debugging session, I ran the procedure dbms_debug_jdwp.disconnect from SQL*Plus and I used the Run Manager of JDeveloper to terminate the listening process.
Finally, I would like to talk of some problems I’ve suffered from: sometimes the debugger disconnects the session without any reason, others it disconnects when the Java code throws an exception in order to be managed by the calling PL/SQL, both times the Oracle Database connection is finished too.