0

我正在尝试将使用 EntityFW 和 Oracle.ManagedDataAccess 的 Web api 连接到 Oracle 12c (12.2.0.1)

我必须使用带有以下参数的 Kerberos 身份验证

SQLNET.KERBEROS5_CONF=C:\temp\krb5.conf
SQLNET.KERBEROS5_CONF_MIT=TRUE
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE=orakrb
SQLNET.KERBEROS5_CC_NAME=OSMSFT:                 
SQLNET.AUTHENTICATION_SERVICES=(KERBEROS5PRE,KERBEROS5)

即使我在AUTHENTICATION_SERVICES中有KERBEROS5

我认为使用下面的设置它实际上不起作用

SQLNET.KERBEROS5_CONF=C:\temp\krb5.conf
SQLNET.KERBEROS5_CONF_MIT=TRUE
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE=orakrb
SQLNET.KERBEROS5_CC_NAME=MSLSA:                 
SQLNET.AUTHENTICATION_SERVICES=(KERBEROS5)

所以我的有效配置就像

SQLNET.KERBEROS5_CONF=C:\temp\krb5.conf
SQLNET.KERBEROS5_CONF_MIT=TRUE
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE=orakrb
SQLNET.KERBEROS5_CC_NAME=OSMSFT:                 
SQLNET.AUTHENTICATION_SERVICES=(KERBEROS5PRE)

我的web.config中嵌入了以下内容

<oracle.manageddataaccess.client>
    <version number="*">
      <settings>
        <setting name="sqlnet.kerberos5_conf" value="C:\temp\krb5.conf" />
        <setting name="sqlnet.kerberos5_cc_name" value="OSMSFT://" />
        <setting name="sqlnet.authentication_services" value="(Kerberos5pre)" />
        <setting name="sqlnet.kerberos5_conf_mit" value="TRUE" />
        <setting name="sqlnet.authentication_kerberos5_service" value="orakrb" />
        </settings>
    </version>
  </oracle.manageddataaccess.client>

我根本没有经过身份验证(我验证了正在运行的用户并且它是正确的)

堆栈转储

{
  "Message": "An error has occurred.",
  "ExceptionMessage": "An error occurred accessing the database. This usually means that the connection to the database failed. Check that the connection string is correct and that the appropriate DbContext constructor is being used to specify it or find it in the application's config file. See http://go.microsoft.com/fwlink/?LinkId=386386 for information on DbContext and connections. See the inner exception for details of the failure.",
  "ExceptionType": "System.Data.Entity.Core.ProviderIncompatibleException",
  "StackTrace": "   at System.Data.Entity.Utilities.DbProviderServicesExtensions.GetProviderManifestTokenChecked(DbProviderServices providerServices, DbConnection connection)\r\n   at System.Data.Entity.Infrastructure.DefaultManifestTokenResolver.<>c__DisplayClass1.<ResolveManifestToken>b__0(Tuple`3 k)\r\n   at System.Collections.Concurrent.ConcurrentDictionary`2.GetOrAdd(TKey key, Func`2 valueFactory)\r\n   at System.Data.Entity.Infrastructure.DefaultManifestTokenResolver.ResolveManifestToken(DbConnection connection)\r\n   at System.Data.Entity.Utilities.DbConnectionExtensions.GetProviderInfo(DbConnection connection, DbProviderManifest& providerManifest)\r\n   at System.Data.Entity.DbModelBuilder.Build(DbConnection providerConnection)\r\n   at System.Data.Entity.Internal.LazyInternalContext.CreateModel(LazyInternalContext internalContext)\r\n   at System.Data.Entity.Internal.RetryLazy`2.GetValue(TInput input)\r\n   at System.Data.Entity.Internal.LazyInternalContext.InitializeContext()\r\n   at System.Data.Entity.Internal.InternalContext.GetEntitySetAndBaseTypeForType(Type entityType)\r\n   at System.Data.Entity.Internal.Linq.InternalSet`1.Initialize()\r\n   at System.Data.Entity.Internal.Linq.InternalSet`1.get_InternalContext()\r\n   at System.Data.Entity.Infrastructure.DbQuery`1.System.Linq.IQueryable.get_Provider()\r\n   at System.Linq.Queryable.Where[TSource](IQueryable`1 source, Expression`1 predicate)\r\n   at ffma.idm.facade.Factset.BenchmarkFacade`1.GetAllActive() in C:\\Development\\ffma.dmp.web\\ffma.idm.facade\\Factset\\BenchmarkFacade.cs:line 23\r\n   at ffma.idm.facade.Factset.BenchmarkFacade`1.Query(String benchmarkIds, String currencies, Nullable`1 effectiveFromDate, Nullable`1 effectiveToDate, Nullable`1 isHedegedReturn) in C:\\Development\\ffma.dmp.web\\ffma.idm.facade\\Factset\\BenchmarkFacade.cs:line 190\r\n   at ffma.idm.facade.Factset.BenchmarkFacade`1.GetByNameMatch(BenchmarkNameWildCardSearchRequest searchReq) in C:\\Development\\ffma.dmp.web\\ffma.idm.facade\\Factset\\BenchmarkFacade.cs:line 86\r\n   at ffma.api.dmp.marketdata.Controllers.MarketDataController.<>c__DisplayClass18_0.<FindByBenchmarkNameAndDates>b__0() in C:\\Development\\ffma.dmp.web\\ffma.api.dmp.marketdata\\Controllers\\IDM\\MarketDataController.cs:line 293\r\n   at System.Threading.Tasks.Task`1.InnerInvoke()\r\n   at System.Threading.Tasks.Task.Execute()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()\r\n   at ffma.api.dmp.marketdata.Controllers.MarketDataController.<FindByBenchmarkNameAndDates>d__18.MoveNext() in C:\\Development\\ffma.dmp.web\\ffma.api.dmp.marketdata\\Controllers\\IDM\\MarketDataController.cs:line 292\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n   at System.Threading.Tasks.TaskHelpersExtensions.<CastToObject>d__3`1.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n   at System.Web.Http.Controllers.ApiControllerActionInvoker.<InvokeActionAsyncCore>d__0.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n   at System.Web.Http.Filters.ActionFilterAttribute.<CallOnActionExecutedAsync>d__5.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Web.Http.Filters.ActionFilterAttribute.<CallOnActionExecutedAsync>d__5.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n   at System.Web.Http.Filters.ActionFilterAttribute.<ExecuteActionFilterAsyncCore>d__0.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n   at System.Web.Http.Controllers.ActionFilterResult.<ExecuteAsync>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n   at System.Web.Http.Filters.AuthorizationFilterAttribute.<ExecuteAuthorizationFilterAsyncCore>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n   at System.Web.Http.Filters.AuthorizationFilterAttribute.<ExecuteAuthorizationFilterAsyncCore>d__2.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n   at System.Web.Http.Controllers.ExceptionFilterResult.<ExecuteAsync>d__0.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Web.Http.Controllers.ExceptionFilterResult.<ExecuteAsync>d__0.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n   at System.Web.Http.Dispatcher.HttpControllerDispatcher.<SendAsync>d__1.MoveNext()",
  "InnerException": {
    "Message": "An error has occurred.",
    "ExceptionMessage": "The provider did not return a ProviderManifestToken string.",
    "ExceptionType": "System.Data.Entity.Core.ProviderIncompatibleException",
    "StackTrace": "   at System.Data.Entity.Core.Common.DbProviderServices.GetProviderManifestToken(DbConnection connection)\r\n   at System.Data.Entity.Utilities.DbProviderServicesExtensions.GetProviderManifestTokenChecked(DbProviderServices providerServices, DbConnection connection)",
    "InnerException": {
      "Message": "An error has occurred.",
      "ExceptionMessage": "ORA-01017: invalid username/password; logon denied",
      "ExceptionType": "Oracle.ManagedDataAccess.Client.OracleException",
      "StackTrace": "   at OracleInternal.ConnectionPool.PoolManager`3.Get(ConnectionString csWithDiffOrNewPwd, Boolean bGetForApp, CriteriaCtx criteriaCtx, String affinityInstanceName, Boolean bForceMatch)\r\n   at OracleInternal.ConnectionPool.OraclePoolManager.Get(ConnectionString csWithNewPassword, Boolean bGetForApp, CriteriaCtx criteriaCtx, String affinityInstanceName, Boolean bForceMatch)\r\n   at OracleInternal.ConnectionPool.OracleConnectionDispenser`3.Get(ConnectionString cs, PM conPM, ConnectionString pmCS, SecureString securedPassword, SecureString securedProxyPassword, CriteriaCtx criteriaCtx)\r\n   at Oracle.ManagedDataAccess.Client.OracleConnection.Open()\r\n   at Oracle.ManagedDataAccess.EntityFramework.EFOracleProviderServices.GetDbProviderManifestToken(DbConnection connection)\r\n   at System.Data.Entity.Core.Common.DbProviderServices.GetProviderManifestToken(DbConnection connection)"
    }
  }
}

我设法使我组织的大多数工具都在 API 之外工作

  • sqlplus(命令行)
  • Python
  • pycharm的datagrip
  • 电源 BI
  • SSIS
  • ETC..

开始相信以下链接的第一个答案是正确的,但没有书面证明

C# Oracle 托管连接上的 Kerberos

任何帮助表示赞赏

4

1 回答 1

0

根据

https://docs.oracle.com/en/database/oracle/oracle-database/12.2/odpnt/InstallManagedConfig.html#GUID-A9EF5624-1828-46DD-84D1-CC5F40BFB6F5

ODP.NET 托管驱动程序不支持KERBEROS5PRE

Anand Krishna在下面的链接中的回答是来自不同线程的正确答案

C# Oracle 托管连接上的 Kerberos

于 2019-10-24T00:33:08.717 回答