Spring Boot, using oracle-ldap url through ssh tunnel on local machine

Time:10-06

There are 3 machines:
local -> some remote server -> oracle db server (via ldap)

I want to set up a datasource connection (in my Spring Boot app) to the Oracle DB.
There is no direct connectivity between the local machine and the one with the Oracle DB. So, I'm using an SSH tunnel through the remote server:

ssh -L 127.0.0.1:8081:some.ldap.host:389 [email protected]

In the application.yml file I'm using the following URL:

spring:
  datasource:
    url: jdbc:oracle:thin:@ldap://127.0.0.1:8081//srvcnm,cn=OracleContext,dc=yy,dc=xx,dc=com 

And when my app tries to get a DB connection, I'm getting the following error:

Caused by: oracle.net.nt.TimeoutInterruptHandler$IOReadTimeoutException: Socket read timed out
    at oracle.net.nt.TimeoutSocketChannel.handleInterrupt(TimeoutSocketChannel.java:254)
    at oracle.net.nt.TimeoutSocketChannel.connect(TimeoutSocketChannel.java:103)
    at oracle.net.nt.TimeoutSocketChannel.<init>(TimeoutSocketChannel.java:77)
    at oracle.net.nt.TcpNTAdapter.connect(TcpNTAdapter.java:192)
    ... 126 common frames omitted

Whenever I deploy the app on the remote server and enter the "direct" URL in application.yml, the connection is obtained without any timeouts, and the app works well.

jdbc:oracle:thin:@ldap://some.ldap.host:389//srvcnm,cn=OracleContext,dc=yy,dc=xx,dc=com

Does anyone know how to handle this? How can I get a connection from the local machine?

CodePudding user response:

I might do something like this: I am going to create a file called ~/.ssh/config and then add the following

Host remoteserver1
    User username
    Hostname <ip or host name>
    ForwardAgent yes
Host oracleserver
    User username
    Hostname some.ldap.host
    Port 22
    # ForwardAgent yes if you need to forward one more instance
    LocalForward 8081 some.ldap.host:389
    ProxyCommand ssh -q -W %h:%p remoteserver1

What this does is that when I attempt to connect to ssh oracleserver from remoteserver1, it connects to hopper and then proxies the SSH connection to port 22 on overthere (i.e. SSH on oracleserver).

Now, to connect via SSH, do the following: ssh oracleserver. It will make an SSH tunnel between your machine and oracleserver via remoteserver1, along with port forwarding.

CodePudding user response:

The problem was in redirecting the source connection request to another machine, the one with the Oracle DB itself (after LDAP auth). So, the request's path looked like:

1.local -> 2.remote server -> 3.ldap server -> 4.oracle db server

There wasn't connectivity between the 1st and 4th machine, as the tunnel was only between the 1st and 3rd one.

So, if you face this issue, you may add one more SSH tunnel (the first tunnel is for the LDAP server, the second one for the Oracle DB) and enrich your "etc/hosts" with the Oracle server's routing.

In my case the issue was in access restrictions. The oracle server is filtering sockets somehow and grants access to certain machines.
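
The redirect described in the answer above can be planned for before the driver times out. The following is an added example, not code from the original post: it parses an Oracle Net connect descriptor (the value the LDAP lookup hands back to the driver) and builds the second tunnel command plus the hosts-file lines. The descriptor, the host names and the `user@remote.server` login are constructed placeholders, and it assumes the whole 127.0.0.0/8 range is loopback, as on Linux.

```python
import re

# Constructed sample of the connect descriptor an LDAP naming entry returns
# (typically its orclNetDescString attribute); hosts and ports are made up.
SAMPLE_DESCRIPTOR = (
    "(DESCRIPTION=(ADDRESS_LIST="
    "(ADDRESS=(PROTOCOL=TCP)(HOST=db1.example.internal)(PORT=1521))"
    "(ADDRESS=(PORT=1522)(HOST=db2.example.internal)(PROTOCOL=TCP)))"
    "(CONNECT_DATA=(SERVICE_NAME=srvcnm)))"
)

# An ADDRESS block is a run of flat (KEY=value) pairs; ADDRESS_LIST is not matched.
ADDRESS_RE = re.compile(r"\(\s*ADDRESS\s*=((?:\s*\([^()]*\))+)\s*\)", re.I)
PARAM_RE = re.compile(r"\(\s*(\w+)\s*=\s*([^()]*?)\s*\)")


def db_endpoints(descriptor):
    """Return unique (host, port) pairs the driver dials after the LDAP lookup."""
    endpoints = []
    for block in ADDRESS_RE.findall(descriptor):
        params = {key.upper(): value for key, value in PARAM_RE.findall(block)}
        if "HOST" not in params or not params.get("PORT", "").isdigit():
            continue  # skip non-TCP addresses (e.g. IPC) that carry no host/port
        endpoint = (params["HOST"], int(params["PORT"]))
        if endpoint not in endpoints:
            endpoints.append(endpoint)
    return endpoints


def tunnel_plan(descriptor, jump="user@remote.server"):
    """Build the ssh command and hosts-file lines, one loopback address per DB host.

    jump is a hypothetical login on the remote server. The forward target is
    resolved on the remote side, so the local hosts entries do not affect it.
    """
    forwards, hosts, loopback = [], [], {}
    for host, port in db_endpoints(descriptor):
        if host not in loopback:
            # Distinct 127.0.0.x per host avoids clashes when two hosts share a port.
            loopback[host] = f"127.0.0.{len(loopback) + 1}"
            hosts.append(f"{loopback[host]} {host}")
        forwards.append(f"-L {loopback[host]}:{port}:{host}:{port}")
    return f"ssh -N {' '.join(forwards)} {jump}", hosts


if __name__ == "__main__":
    command, host_lines = tunnel_plan(SAMPLE_DESCRIPTOR)
    print(command)
    print("\n".join(host_lines))
```

Binding each forward to its own loopback address keeps the listeners off external interfaces and lets the unchanged host names in the descriptor resolve to the tunnel.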
