grails / grails-core

The Grails Web Application Framework
http://grails.org
Apache License 2.0

Grails 3.1.6's DataSource plugin unable to be configured to handle PKI for securing data in transit #9958

Closed minh-nguyen-va closed 8 years ago

minh-nguyen-va commented 8 years ago

I have created a simple index.gsp, using Grails 3.1.6, whose content is embedded Java code connecting to Oracle 12c via SSL/TLS. The URL is a string invoking the TCPS protocol and uses the thin JDBC driver for connecting to Oracle 12c. The password, username, trust store path/type/password, key store path/type/password, and cipher suites are specified by the Java utility properties. Once a secured connection is established, the Grails gsp queries the current date and time of the database server. This works. Below is my gsp's content. ....

```jsp
<%@ page import = "java.sql.*" %>
<%@ page import = "java.util.Properties" %>
<%
    // TCPS (TLS) connect descriptor for the Oracle thin JDBC driver
    String url = "jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=jreportdbsvr)"
               + "(PORT=1525))(CONNECT_DATA=(SERVICE_NAME=mysid.mydomain)))";
    Driver driver = new oracle.jdbc.OracleDriver();

    // Driver-level properties: credentials, trust store, key store and cipher suite
    Properties props = new Properties();
    props.setProperty("user", "username");
    props.setProperty("password", "userpassword");
    props.setProperty("javax.net.ssl.trustStore", "H:/minh_workspace/pki/my-grails-app.jks");
    props.setProperty("javax.net.ssl.trustStoreType", "JKS");
    props.setProperty("javax.net.ssl.trustStorePassword", "my-grails-password");
    props.setProperty("javax.net.ssl.keyStore", "H:/minh_workspace/pki/my-grails-app.jks");
    props.setProperty("javax.net.ssl.keyStoreType", "JKS");
    props.setProperty("javax.net.ssl.keyStorePassword", "my-grails-password");
    props.setProperty("oracle.net.ssl_cipher_suites", "SSL_RSA_WITH_3DES_EDE_CBC_SHA");

    ResultSet rs = null;
    Statement stmt = null;
    Connection conn = driver.connect(url, props);
    stmt = conn.createStatement();
    // Query the database server's current date and time
    rs = stmt.executeQuery("select sysdate from dual");
    while (rs.next()) {
%>
<%
    }
    rs.close();
    stmt.close();
    conn.close();
%>
```

Configuring application.yml

I have tried _in vain_ to configure the application.yml to implement the above setup, especially in the environments: development: datasource: .... These are some of my test scenarios.

scenario 1:

```yaml
environments:
    development:
        dataSource:
            dbCreate: update
            url: jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=jreportdbsvr)(PORT=1525))(CONNECT_DATA=(SERVICE_NAME=mysid.mydomain)))
            properties:
                # .... no specification of trust / key stores, ciphersuite ....
```

error message: "java.sql.SQLRecoverableException: IO Error: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"

comment: It is looking for a valid certification that I intentionally omitted in this scenario.

scenario 2:

```yaml
environments:
    development:
        dataSource:
            dbCreate: update
            url: jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=jreportdbsvr)(PORT=1525))(CONNECT_DATA=(SERVICE_NAME=mysid.mydomain)))
            properties:
                javax.net.ssl.trustStore: /local/tomcat/certificates/my-grails-app.jks
                javax.net.ssl.trustStoreType: JKS
                javax.net.ssl.trustStorePassword: my-grails-password
                javax.net.ssl.keyStore: /local/tomcat/certificates/my-grails-app.jks
                javax.net.ssl.keyStoreType: JKS
                javax.net.ssl.keyStorePassword: my-grails-password
                javax.net.ssl.ssl_cipher_suites: (SSL_RSA_WITH_3DES_EDE_CBC_SHA)
```

error message: "........Caused by: org.springframework.beans.NotWritablePropertyException: Invalid property 'javax' of bean class [org.apache.tomcat.jdbc.pool.DataSource]: Bean property 'javax' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?..."

comment: Grails does not recognize these properties ... javax.net.ssl.trustStore

scenario 3:

```yaml
development:
    dataSource:
        dbCreate: update
        url: jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=jreportdbsvr)(PORT=1525))(CONNECT_DATA=(SERVICE_NAME=mysid.mydomain)))
        properties:
            # ......
            ssl:
                trust-store: H:/minh_workspace/pki/my-grails-app.jks
                trust-store-type: JKS
                trust-store-password: my-grails-password
                key-store: H:/minh_workspace/pki/my-grails-app.jks
                key-store-type: JKS
                key-store-password: my-grails-password
                cipher-suites: SSL_RSA_WITH_3DES_EDE_CBC_SHA
```

error message: "Caused by: org.springframework.beans.NotWritablePropertyException: Invalid property 'ssl' of bean class [org.apache.tomcat.jdbc.pool.DataSource]: Bean property 'ssl' is not writable or has an invalid setter method. Did you mean 'url'? "

comment: Grails does recognize the way I specified those properties.

My question to the Grails founders is how should/would I specify the properties I had in the index.gsp into either the application.yml or the application.groovy?

Thanks,

Minh High Performance Computing Modernization Program Lorton, Virginia
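
The errors in scenarios 2 and 3 name `org.apache.tomcat.jdbc.pool.DataSource` as the bean that has no `javax` or `ssl` property. The following added example (not part of the original issue and not code from the Grails project) passes the same driver properties through that pool's `dbProperties` setter instead. It assumes tomcat-jdbc and the Oracle driver are on the classpath; the class and method names are hypothetical, and host, paths and passwords are the values quoted in the post.

```java
import java.sql.*;
import java.util.Properties;
import org.apache.tomcat.jdbc.pool.DataSource;
import org.apache.tomcat.jdbc.pool.PoolProperties;

// Added example: names are hypothetical, values are the ones quoted in the post.
public class TcpsPoolExample {
    // Driver-level TLS settings, the same keys the working GSP passes to driver.connect().
    static Properties driverProperties() {
        Properties p = new Properties();
        String store = "/local/tomcat/certificates/my-grails-app.jks";
        p.setProperty("javax.net.ssl.trustStore", store);
        p.setProperty("javax.net.ssl.trustStoreType", "JKS");
        p.setProperty("javax.net.ssl.trustStorePassword", "my-grails-password");
        p.setProperty("javax.net.ssl.keyStore", store);
        p.setProperty("javax.net.ssl.keyStoreType", "JKS");
        p.setProperty("javax.net.ssl.keyStorePassword", "my-grails-password");
        p.setProperty("oracle.net.ssl_cipher_suites", "SSL_RSA_WITH_3DES_EDE_CBC_SHA");
        return p;
    }

    static DataSource buildPool() {
        PoolProperties pool = new PoolProperties();
        pool.setDriverClassName("oracle.jdbc.OracleDriver");
        pool.setUrl("jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=jreportdbsvr)"
                + "(PORT=1525))(CONNECT_DATA=(SERVICE_NAME=mysid.mydomain)))");
        pool.setUsername("username");
        pool.setPassword("userpassword");
        // The pool has no setter for 'javax' or 'ssl'; driver properties go here
        // and are handed to the JDBC driver when a connection is opened.
        pool.setDbProperties(driverProperties());
        return new DataSource(pool);
    }

    public static void main(String[] args) throws Exception {
        DataSource ds = buildPool();
        // Print only the property names, never the store passwords.
        System.out.println(driverProperties().stringPropertyNames());
        if (args.length > 0 && args[0].equals("connect")) { // needs the database from the post
            try (Connection conn = ds.getConnection();
                 Statement stmt = conn.createStatement();
                 ResultSet rs = stmt.executeQuery("select sysdate from dual")) {
                while (rs.next()) System.out.println(rs.getString(1));
            }
        }
        ds.close();
    }
}
```

In `application.yml` the corresponding key would be `dbProperties` under `dataSource.properties`, on the assumption that Grails binds that block to the pool's setters as the error messages in scenarios 2 and 3 suggest; the page does not confirm it.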

graemerocher commented 8 years ago

For questions please try Slack (http://slack-signup.grails.org) or StackOverflow (http://stackoverflow.com/tags/grails)

<"Current date and time from Oracle 12c : ">

<%=rs.getString(1)%>