Hide or encrypt password in SQL/PLSQL code

Hi,
I need some help or suggestions to hide or encrypt database user password in SQL/PLSQL code. In our environment, we use a connect string with username/password for the JDBC connection. Our goal is to take out the password string and read it or pass it to the code on the fly.
Thanks,
Subroto

So in the database somewhere you are storing username and password credentials? How do those credentials get sent to the Java application? Presumably, the Java application has to connect to the database, requiring a JDBC connection string, in order to query the table in order to get the username and password you've stored in the database.
Assuming there are two different JDBC connection strings-- one in the Java application that connects to the database and a second that is stored in the database and used later by the Java application, who do you want to protect the data from? Do you want to protect it from other database users? Or do you want to protect it from the Java developers? Or something else?
Justin

Similar Messages

  • Storing Encrypted passwords in SQL database

    Hey folks!
    I'm trying to encrypt a password to be put into a SQL database and then be decrypted when I pull it out to log a user in. Currently I can encrypt and store the password fine, but it's the grabbing and decrypting that is giving me troubles.
    Sometimes I do get the correct string back from the decrypted database string, but not very often. The main error I get is BadPaddingException, which I've read in the forum is something to do with key/string discrepancies. I sometimes get an IllegalBlockSizeException as well.
    When I look at the ASCII bytes stored in the database they are different from what is shown when I print them out on the screen using IE5.5.
    I'm wondering if anyone out there has run into similar problems and overcome them, or could help me along in the right direction. Thnx!
    PJ

    What you need to do is a combination of what has been said here. Let's say you are working with a MS SQL Server, encrypting with 3DES. You have your key located somewhere on the system and use that (or something else that is specific to that record).
    1.) In your app, encrypt the text
    2.) Base64 Encode it so you can shove it in the database (I have also put this as RAW bytes in an Oracle DB)
    3.) Make sure, when you are testing, that you check the length of the Base64 Encrypted Text you put in the database. SQL Server might add on extra characters to fill the field. i.e. if you are storing it in a varchar(250) field and you only fill 50 chars with your encrypted password, SQL Server might pad it with the extra 200. This will mess with your padding and throw an exception during the decryption process. I think I got around this with a simple TRIM statement when retrieving.
    4.) Retrieve the text with a SQL statement
    5.) Base64 Decode the text to get a byte array
    6.) Use the decryption algorithm with your original key on the byte array.
    I think that's it. Very quick. Low overhead on the server. Optimally, you would want to clear this from memory...blah blah blah....I could go on ;-p
    I have a small API I've written for this using 3DES that has been working great ever since JCE 1.0. All I have to do is keygen a new key whenever I want to use it again.
    Hope this helps,
    RG
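
The six steps above as a runnable round trip, together with the storage faults that produce the exceptions mentioned in this thread. This is an added example, not RG's API or code from the thread; the class name, the sample value, the 50-character padded width and the random IV prepended to the ciphertext are assumptions, and it uses the 3DES transformation the post names.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Base64;

public class StoredCiphertextDemo {
    // 3DES as named in the post; the storage handling is the same for any block cipher.
    static final String TRANSFORM = "DESede/CBC/PKCS5Padding";
    static final int IV_LEN = 8; // DESede block size in bytes

    /** Steps 1-2: encrypt, prepend the random IV (assumption), Base64-encode for a text column. */
    static String encryptForColumn(SecretKey key, String plain) throws GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance(TRANSFORM);
        c.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[IV_LEN + ct.length];
        System.arraycopy(iv, 0, out, 0, IV_LEN);
        System.arraycopy(ct, 0, out, IV_LEN, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }

    /** Steps 5-6: Base64-decode the column value, split off the IV, decrypt. */
    static String decryptFromColumn(SecretKey key, String column) throws GeneralSecurityException {
        byte[] in = Base64.getDecoder().decode(column);
        Cipher c = Cipher.getInstance(TRANSFORM);
        c.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(in, 0, IV_LEN));
        return new String(c.doFinal(in, IV_LEN, in.length - IV_LEN), StandardCharsets.UTF_8);
    }

    /** Runs one scenario and reports either the plaintext or the exception it raised. */
    static String outcome(SecretKey key, String column) {
        try {
            return "ok: " + decryptFromColumn(key, column);
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return e.getClass().getSimpleName() + ": " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        SecretKey key = KeyGenerator.getInstance("DESede").generateKey();
        String stored = encryptForColumn(key, "s3cret-pw"); // constructed sample value

        // The column returns exactly what was written.
        System.out.println("exact       -> " + outcome(key, stored));

        // Step 3: a fixed-width column hands the value back blank-padded.
        // java.util.Base64 rejects the blanks; trimming restores the original text.
        String padded = String.format("%-50s", stored);
        System.out.println("padded      -> " + outcome(key, padded));
        System.out.println("padded+trim -> " + outcome(key, padded.trim()));

        // Column too short: the value is cut, so the ciphertext no longer
        // consists of whole 8-byte blocks.
        String cut = stored.substring(0, stored.length() - 4);
        System.out.println("truncated   -> " + outcome(key, cut));

        // Raw ciphertext pushed through a String instead of Base64: byte sequences
        // that are not valid UTF-8 are replaced, so the bytes that come back differ
        // from the ones produced by the cipher and decryption almost always fails.
        byte[] raw = Base64.getDecoder().decode(stored);
        byte[] mangled = new String(raw, StandardCharsets.UTF_8).getBytes(StandardCharsets.UTF_8);
        System.out.println("via String  -> "
                + outcome(key, Base64.getEncoder().encodeToString(mangled)));
    }
}
```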

  • Sql/Plsql code to store data into a temporary table from a text file

    Dear all,
    I need to create a temporary table getting data from a text file. I am very new to data loading. Could you please help me read the text file into a temporary table?
    I have a text file like the one below:
    order items : books Purchasing
    start date:
    8-11-09
    Notes: Books are selling from aug10 to aug 25
    Action performed
    Time
    Verified By
    sold out from shop, sold out date:_________
    1.
    physics _______ book sold to ravi
    2.
    social _______ book this is a good book
    sold to kiran
    aug10th
    ronald
    3.
    maths book to sal
    4.
    english book__________ this was a newbook
    to raj
    jak
    return to shop, return date:____________
    1.
    maths book return by:_____________ Verify book
    aug11th
    john
    2.
    story book by:_________ checked
    aug14th
    Now I need to create a temporary table with 5 columns (order, Status, Action_Performed, Time, Verified_By) like as below:
    Now I need to create a temporary table named books_order with 5 columns (order, Status, Action_Performed, Time, Verified_By) like as below:
    Order | status | Action_Performed | Time | Verified_By
    books Purchasing | sold | physics _______ book sold to ravi | _______ | _________
    books Purchasing | sold | social _______ book this is a good book sold to kiran | aug10th | ronald
    books Purchasing | sold | maths book to sal | _____ | __________
    books Purchasing | sold | english book__________ this was a newbook to raj | __________ | jak
    books Purchasing | return | maths book return by:_____________ Verify book | aug11th | john
    books Purchasing | return | story book by:_________ checked | aug14th | _________
    Thanks in advance.

    Hi,
    Thanks for your suggestions. I was able to get the data using utl_file.get_line. But I was not able to get the data if it is in the below format:
    I was able to read the data and store it if it is on the same line. But I don't know how to read the below data:
    Book. Type Name Location Ownership Code
    Story SL hyd SS-HYD
    In this data I have to search for 'Book. type' and then I need to save the word 'Story' to the column 'Book_type'.
    Then I need to search for 'Name' and I need to save 'SL' into the column 'Name'.
    Then I need to search for 'Location' and I need to save 'hyd' into the column 'Location'.
    I was able to extract the data if it is in the below format using utl_file.get_line:
    Known Author: Unknown
    Less Selling Factors: Thunderstorms
    Reason: Unknown
    Can anyone explain to me how to solve the above criteria?
    Below I am explaining the same problem in detail.
    I have a text file as below and I have a table having 12 columns. Now I need to insert this text file into the table story_books.
    CREATE TABLE story_books
    (
    book_id NUMBER,
    Category VARCHAR2(100 BYTE),
    Book_type VARCHAR2(100 BYTE),
    Name VARCHAR2(700 BYTE),
    Location VARCHAR2(700 BYTE),
    Ownership_code VARCHAR2(700 BYTE),
    Author VARCHAR2(700 BYTE),
    Less_Sel_fact VARCHAR2(700 BYTE),
    Reason VARCHAR2(700 BYTE),
    Buying VARCHAR2(700 BYTE),
    Suspected_Book VARCHAR2(700 BYTE),
    Conditions VARCHAR2(700 BYTE)
    );
    -------------------------text file---------------
    Books Out Table: Books
    Book. Type Name Location Ownership Code
    Story SL hyd SS-HYD
    Known Author: Unknown
    Less Selling Factors: Thunderstorms
    Reason: Unknown
    Buying (if applicable):
    Not Applicable
    Suspected Book:
    Unknown
    Conditions to increace sales:
    Advertisement in all areas
    I was able to read the data and store it if it is on the same line. But I don't know how to read the below data:
    Book. Type Name Location Ownership Code
    Story SL hyd SS-HYD
    In this data I have to search for 'Book. type' and then I need to save the word 'Story' to the column 'Book_type'.
    Then I need to search for 'Name' and I need to save 'SL' into the column 'Name'.
    Then I need to search for 'Location' and I need to save 'hyd' into the column 'Location'.
    I was able to extract the data if it is in the below format using utl_file.get_line:
    Known Author: Unknown
    Less Selling Factors: Thunderstorms
    Reason: Unknown
    Can anyone explain to me how to solve the above criteria?
    Thanks in advance.

  • Sql/Plsql code to export data into a temporary table from a text file

    Dear all,
    I need to create a temporary table getting data from a text file. I am very new to data loading. Could you please help me read the text file into a temporary table?
    I have a text file like the one below:
    order items : books Purchasing
    start date:
    8-11-09
    Notes: Books are selling from aug10 to aug 25
    Action performed
    Time
    Verified By
    sold out from shop, sold out date:_________
    1.
    physics _______ book sold to ravi
    2.
    social _______ book this is a good book
    sold to kiran
    aug10th
    ronald
    3.
    maths book to sal
    4.
    english book__________ this was a newbook
    to raj
    jak
    return to shop, return date:____________
    1.
    maths book return by:_____________ Verify book
    aug11th
    john
    2.
    story book by:_________ checked
    aug14th
    Now I need to create a temporary table and insert the data into the table from this text file.
    Now I need to create a temporary table named books_order with 5 columns (order, Status, Action_Performed, Time, Verified_By) like as below:
    Order | status | Action_Performed | Time | Verified_By
    books Purchasing | sold | physics _______ book sold to ravi | _______ | _________
    books Purchasing | sold | social _______ book this is a good book sold to kiran | aug10th | ronald
    books Purchasing | sold | maths book to sal | _____ | __________
    books Purchasing | sold | english book__________ this was a newbook to raj | __________ | jak
    books Purchasing | return | maths book return by:_____________ Verify book | aug11th | john
    books Purchasing | return | story book by:_________ checked | aug14th | _________
    Thanks in advance.

    Isn't school work marvelous?
    Create an external table.
    http://www.morganslibrary.org/reference/externaltab.html
    Getting the data into a temporary table may make sense in SQL Server ... but not in Oracle.

  • SQL/ PLSQL CODE

    Hi Mohan
    Could you send that Oracle(SQL& PL/SQL) coding standard PDF file to my email please:
    [email protected]
    thanks,
    Suresh


  • To automate the SQL scripts using PLSQL Code

    Hi All,
    I have 20 database servers (11.2.0.3) hosted on Unix and Windows platforms.
    Every day I have to kill inactive sessions on all of these 20 database servers. So I have made the script below:
    connect sys/&&sys_password@&&tns_database_name as sysdba
    SPOOL E:\DELETE_INACTIVE_SESSIONS.SQL
    set PAGESIZE 1000
    set LIN 5000
    SET ECHO OFF;
    SET FEEDBACK OFF;
    SET HEADING OFF;
    select 'alter system kill session '''||SID||','||SERIAL#||''' immediate;'  from v$session where status='INACTIVE' and username in ('OSS_DICTIONARY','ADMINISTRATOR');
    SPOOL OFF;
    @@E:\DELETE_INACTIVE_SESSIONS.SQL
    Is there any way that the execution of this script can be automated in PLSQL code for the 20 servers, and that code put in a batch file for execution (i.e. executed through a batch file from my Windows laptop)?
    Thanks

    Shrma wrote:
    Is there no way to handle the sql scripts in PLSQL code?
    Well, remember that PL/SQL is executed on a specific server by a certain user so you are already connected when executing a PL/SQL code.
    You could actually use a SQL Plus script to connect to different servers using connect and run your script.
    i.e.:
    SQL> connect sys/pwd_server1@db_server1
    SQL> @killinactive.sql
    SQL> connect sys/pwd_server2@db_server2
    SQL> @killinactive.sql
    But it does not make so much difference with my previous solution.
    Please explain exactly what you would like to do.
    Regards.
    Al

  • How to consume Web Service with Password digest from PLSQL

    We have Oracle 10g (10.2.0.3.0) 64 bit. We have a situation where we need to consume a web service whose security header looks as follows:
    <soapenv:Header>
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsse:UsernameToken wsu:Id="UsernameToken-50">
    <wsse:Username>weblogic</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">d2enK45chjBPVvvukbYU6OX56kI=</wsse:Password>
    <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">YAhEtLJfp4lzycLd3hZYjQ==</wsse:Nonce>
    <wsu:Created>2013-01-22T06:28:38.897Z</wsu:Created>
    </wsse:UsernameToken>
    </wsse:Security>
    </soapenv:Header>
    Here we need the password digest, Nonce and Timestamp.
    How to create the password digest from PLSQL? Or if any other alternatives are available, please respond soon.

    I do not see why it will not be possible to do digest authentication with a web server using PL/SQL.
    As for the digest password - the web server supplies a token (a nonce) which you need to use for creating the hashed authentication token (the digest password). The URL I posted explains this authentication process.
    As for the technical how-to in PL/SQL - as I mentioned, never had to do this (only dealt with Basic and NTLM authentication thus far). But as other auth methods (such as Microsoft's NTLM) can be implemented, I do not see why digest authentication could not.
    Suggest you spend some time googling for technical articles/sample code on the subject - and try to find specific PL/SQL related sample code too.

  • How to encrypt password using form 6i?

    Dear all,
    How to encrypt password using form 6i?
    Best Regards,
    Amy
    Edited by: amychan60 on Sep 29, 2008 8:23 PM

    DBMS_CRYPTO and DBMS_OBFUSCATION_TOOLKIT packages provide APIs for data encryption.
    Note: 102902.1 - Encrypting Data using the DBMS_OBFUSCATION_TOOLKIT package
    https://metalink2.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=102902.1
    Note: 197400.1 - Example Code Encrypting Credit Card Numbers
    https://metalink2.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=197400.1
    Developing Applications Using Data Encryption
    http://download.oracle.com/docs/cd/B19306_01/network.102/b14266/apdvncrp.htm

  • Can I create ASP user validated website using existing MD5 passwords from SQL table?

    I'm attempting to build a user authenticated site in Dreamweaver CS5 using an existing USERS table from another site.  The password field in the existing SQL table appears to be MD5 encoded.  How can I MD5 encode the form field (or the SQL query) so that it verifies MD5 to MD5?
    Currently, it's comparing the form's plain text field to the MD5 encrypted password field in SQL.
    I've built a simple login form using the following:
    <form id="form1" name="form1" method="POST" action="<%=MM_LoginAction%>">
        <input name="username" type="text" id="username" accesskey="u" tabindex="1" /><input name="password" type="password" id="password" accesskey="p" tabindex="2" /><input name="submit" type="submit" value="submit" />
        </form>
    With the stock Dreamweaver Log In User Server Behavior as follows:
    <%
    ' *** Validate request to log in to this site.
    MM_LoginAction = Request.ServerVariables("URL")
    If Request.QueryString <> "" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)
    MM_valUsername = CStr(Request.Form("username"))
    If MM_valUsername <> "" Then
      Dim MM_fldUserAuthorization
      Dim MM_redirectLoginSuccess
      Dim MM_redirectLoginFailed
      Dim MM_loginSQL
      Dim MM_rsUser
      Dim MM_rsUser_cmd
      MM_fldUserAuthorization = ""
      MM_redirectLoginSuccess = "results.asp"
      MM_redirectLoginFailed = "error.html"
      MM_loginSQL = "SELECT user_name, password"
      If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," & MM_fldUserAuthorization
      MM_loginSQL = MM_loginSQL & " FROM dbo.users WHERE user_name = ? AND password = ?"
      Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command")
      MM_rsUser_cmd.ActiveConnection = MM_ADSX_STRING
      MM_rsUser_cmd.CommandText = MM_loginSQL
      MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1", 200, 1, 32, MM_valUsername) ' adVarChar
      MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", 200, 1, 32, Request.Form("password")) ' adVarChar
      MM_rsUser_cmd.Prepared = true
      Set MM_rsUser = MM_rsUser_cmd.Execute
      If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
        ' username and password match - this is a valid user
        Session("MM_Username") = MM_valUsername
        If (MM_fldUserAuthorization <> "") Then
          Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
        Else
          Session("MM_UserAuthorization") = ""
        End If
        if CStr(Request.QueryString("accessdenied")) <> "" And false Then
          MM_redirectLoginSuccess = Request.QueryString("accessdenied")
        End If
        MM_rsUser.Close
        Response.Redirect(MM_redirectLoginSuccess)
      End If
      MM_rsUser.Close
      Response.Redirect(MM_redirectLoginFailed)
    End If
    %>
    Please help!

    unfortunately classic asp does not have a built in function for md5. what we used for our legacy sites is a javascript that hashes a string to MD5. here's the code we've used in the past http://pajhome.org.uk/crypt/md5/md5.html
    your asp should have something like this...
    <script language="jscript" src="path_to_js_file/md5.js" runat="server"></script>
    <%
    'hash the password
    Dim md5password       ' md5password variable will hold the hashed text from form variable txtPassword
    md5password = hex_md5(""&Request("txtPassword")&"")
    ' based on the code you posted...
    MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", 200, 1, 32, md5password) ' adVarChar
    %>

  • Default Encrypted  Password

    Dear All,
    I want to insert the encrypted password of the 'password' string into table user_dtl column PASSWORD.
    How can I insert the encrypted password into the table?
    Thanks

    Hi Vedant,
    See the CUSTOM_HASH function that is installed with sample application in the APEX.
    Here is the code for it:
    create or replace function custom_hash (p_username in varchar2, p_password in varchar2)
    return varchar2
    is
      l_password varchar2(4000);
      l_salt varchar2(4000) := 'XFSPL28ZTWEWWM6FHWMK68AG5NQVLU';
    begin
    -- This function should be wrapped, as the hash algorithm is exposed here.
    -- You can change the value of l_salt or the method of which to call the
    -- DBMS_OBFUSCATION toolkit, but you must reset all of your passwords
    -- if you choose to do this.
    l_password := utl_raw.cast_to_raw(dbms_obfuscation_toolkit.md5
      (input_string => p_password || substr(l_salt,10,13) || p_username ||
        substr(l_salt, 4,10)));
    return l_password;
    end;
    i want to insert encrypted Password of 'password' string into table user_dtl column PASSWORD.
    The above function will give the encrypted password which can be inserted into USER_DTL as follows:
    INSERT INTO USER_DTL(USERNAME,PASSWORD) VALUES(:P1_USERNAME, CUSTOM_HASH(:P1_USERNAME,:P1_PASSWORD))
    Be sure that PASSWORD column in USER_DTL is of type VARCHAR2 and of adequate length as to accommodate the encrypted password.
    Hope it helps!
    Regards,
    Kiran

  • Decrypt the encrypted password

    Hi there,
    I have been scratching my head for some time to fix one issue. We are planning to change the platform/technology and we need to bring over existing logins to the new system. In order to have the same password I need to decrypt the password before I send it to the new system. When we stored the password, it encrypts them and stores it in the database. I am using the following code to decrypt it. It's not working. This is the error I am getting.
    Given final block not properly padded
    Here is some more information:
    Key is :javax.crypto.spec.SecretKeySpec@18f3a
    Format is :RAW
    getAlgorithm() is :DES
    String encrypted = abcdefgh
    Provider is: com.sun.crypto.provider.SunJCE()
    This is my code to decrypt which throws error " Given final block not properly padded" :
    public String decrypt(String encrypted){
        Cipher ci = null;
        byte [] result = null;
        try {
            ci = Cipher.getInstance("DES");
            ci.init(Cipher.DECRYPT_MODE, key);
            System.out.println("CryptoUtil()" +"before hexToByteArray. Byte Data: "+encrypted);
            byte [] encryptedData = hexToByteArray(encrypted, false);
            //Log.out("CryptoUtil()" +"after hexToByteArray. lenth: "+ encryptedData.length);
            result = ci.doFinal(encryptedData);
        }
        catch (Exception e) {
            System.out.println("CryptoUtil()" +"ERROR: "+ e.getMessage());
            return encrypted;
        }
        String strResult = new String(result);
        return strResult;
    }
    Please help.
    Thank you.

    These are the two values I am getting for encrypted password:
    97654de7857cd9aab331995cba044fc6
    a125a6b2a71e23adc002ac7fbe1a1042
    Is this a hex code?
    I think the key is: abcdefgh
    This is my code to encrypt and decrypt:
    /**
     * empty constructor
     * @param keydata
     */
    public CryptoUtil(String keydata){
        if (keydata.trim().equals("")){
            logDebug("CryptoUtil()" +" Constructor didn't get a valid key!");
            usage();
            System.exit(0);
        }else{
            keyBytes = keydata.getBytes();
            key = new SecretKeySpec(keyBytes, 0, keyBytes.length, "DES");
        }
        try {
            Provider sp = new com.sun.crypto.provider.SunJCE();
            //logDebug("CryptoUtil() " + sp.getInfo());
            Security.addProvider(sp);
        }catch (Exception ex) {
            logDebug("CryptoUtil() " +"Problem loading crypto provider \n error:"+ex.getMessage());
            usage();
            System.exit(0);
        }
    }
    /**
     * Encrypt
     * @param s
     */
    public String encrypt(String s){
        Cipher ci = null;
        byte [] result = null;
        try {
            ci = Cipher.getInstance("DES");
            ci.init(Cipher.ENCRYPT_MODE, key);
            result = ci.doFinal(s.getBytes());
        }catch (Exception e) {
            logDebug("CryptoUtil()" +"ERROR: "+ e.getMessage());
        }
        String strResult = byteArrayToHex(result);
        return strResult;
    }
    /**
     * decrypt a card number
     * @param encrypted
     */
    public String decrypt(String encrypted){
        Cipher ci = null;
        byte [] result = null;
        try {
            ci = Cipher.getInstance("DES");
            ci.init(Cipher.DECRYPT_MODE, key);
            //Log.out("CryptoUtil()" +"before hexToByteArray. Byte Data: "+encrypted);
            byte [] encryptedData = hexToByteArray(encrypted, false);
            //Log.out("CryptoUtil()" +"after hexToByteArray. lenth: "+ encryptedData.length);
            result = ci.doFinal(encryptedData);
        }
        catch (Exception e) {
            logError("CryptoUtil()" +"ERROR: "+ e.getMessage());
            return encrypted;
        }
        String strResult = new String(result);
        return strResult;
    }
    static final String hexDigitChars = "0123456789abcdef";
    /**
     * @param a
     */
    public static final String byteArrayToHex(byte [] a) {
        int hn, ln, cx;
        StringBuffer buf = new StringBuffer(a.length * 2);
        for(cx = 0; cx < a.length; cx++) {
            hn = ((int)(a[cx]) & 0x00ff) / 16;
            ln = ((int)(a[cx]) & 0x000f);
            buf.append(hexDigitChars.charAt(hn));
            buf.append(hexDigitChars.charAt(ln));
            buf.append(' ');
        }
        return buf.toString();
    }
    /**
     * @param str
     * @param rev
     */
    public static final byte [] hexToByteArray(String str, boolean rev) {
        StringBuffer acc = new StringBuffer(str.length() + 1);
        int cx, rp, ff, val;
        char [] s = new char[str.length()];
        str.toLowerCase().getChars(0, str.length(), s, 0);
        for(cx = str.length() - 1, ff = 0; cx >= 0; cx--) {
            if (hexDigitChars.indexOf(s[cx]) >= 0) {
                acc.append(s[cx]);
                ff++;
            }else {
                if ((ff % 2) > 0) acc.append('0');
                ff = 0;
            }
        }
        if ((ff % 2) > 0) acc.append('0');
        byte [] ret = new byte[acc.length() / 2];
        for(cx = 0, rp = ret.length - 1; cx < acc.length(); cx++, rp--) {
            val = hexDigitChars.indexOf(acc.charAt(cx));
            cx++;
            val += 16 * hexDigitChars.indexOf(acc.charAt(cx));
            ret[rp] = (byte)val;
        }
        if (rev) {
            byte tmp;
            int fx, bx;
            for(fx = 0, bx = ret.length - 1; fx < (ret.length / 2); fx++, bx--) {
                tmp = ret[bx];
                ret[bx] = ret[fx];
                ret[fx] = tmp;
            }
        }
        return ret;
    }
    Will that give you any more information to help me?

  • Reading Encrypted Password from Configuration File and Decrypt it at login

    Hi All,
    My application reads a configuration file to connect to the ORACLE database. The values defined for password are clear text as given below:
    user: 'mh'
    password='abcd1234'
    Is there any way I can give an encrypted password in the configuration file instead of a clear text one, and at the time of login ORACLE decrypts it? I am using ORACLE 11g Database.
    My company have a requirement that passwords are not stored in the clear in properties files. the reason being I suppose that if the password is stored in plaintext someone could hit the property file directly, get the password and then connect to the database with it.
    For a regular user connecting through an Oracle client or SQL Developer they would need to have the plaintext password in order to connect.
    It's based on the requirements of
    International Standards Organization Guidance
    ISO 17799 § 9.5.4 requires password management systems to:
    • enforce the use of individual passwords
    • allow users to select and change their own passwords if appropriate
    • enforce a choice of quality passwords
    • force regular changes of passwords
    • maintain a record of previous user passwords to prevent re-use
    • not display passwords when they are being entered
    • store password files separately from application system data
    • store passwords in encrypted form using a one way encryption algorithm
    • alter default vendor passwords following installation of software
    So if I can store the password encrypted using a one way algorithm then hacker/user couldn't decrypt it and then access the database.
    I have feeling there is a way of configuring this in Oracle advanced Security, but just can't quite get it to work.
    Edited by: user5568473 on 20-May-2013 00:05

    So if I can store the password encrypted using a one way algorithm then hacker/user couldn't decrypt it and then access the database.
    ... and neither can your application. Encryption is needed in this case. The decryption must be written into your application. I've written my own in some cases, but finding a library for your development language is a smarter solution.
    One alternative is using an Oracle wallet. It doesn't fit every circumstance and does have some maintenance headaches.
    You can set up a basic secure password store to encrypt and store the password for a given user@instance combination, and then connect to the database without passing a password. SQL*Net adds in the appropriate password from the wallet for when you connect.
    http://www.oracle.com/technetwork/database/security/twp-db-security-secure-ext-pwd-stor-133399.pdf
    Advanced Security Option also allows you to set up a Public Key Infrastructure connections (SSL encryption and/or authentication). It also uses a wallet to store the SSL certificates and credentials. I don't have personal experience on this approach.
    SSL and the wallet allow you to connect to the database similar to CONNECT/@net_service_name or sqlplus /@net_service_name
    http://docs.oracle.com/cd/B28359_01/network.111/b28530/asossl.htm#CIHCBIEG

  • Need advise on SQL,plsql developer career and future

    Hi all,
    I need all your advise in making an important decisions of my career path.I work in the IT field and have about total 4-5 years of work experience involving development and testing in a product based organization.
    Presently-i have got chance since last 4-5 months to work with writing PLSQL code,SQL etc on a part basis. I am very much interested to continue my career path as a PLSQL developer.
    But, unfortunately -in the total of my work experience-in the past 2-3 years-i worked with a internally developed DB query language(similar to SQL) and then from last few months with plsql. But this chance to work with PLSQL has been for less time and limited scope after which i will have to work on something different.
    I want to fully take on my career in SQL, PLSQL as a Database Developer.
    Please advise me if my thinking seems logical and good and if I could do it. I have planned on applying for relevant SQL,PLSQL profile jobs.
    Now, My serious worry and concern is I feel that since i have worked very less with PLSQL-so am low in confidence that I feel i wont be able to answer ,or tell or not knowledgeable enough to be able to clear the technical interviews for SQL,plsql development profile which would need at least some years of experience.
    I have started studying and practising PLSQL, SQL by myself from the internet. So, can you all please advise me on how I could prepare myself for hard core technical interviews of SQL, PLSQL knowledge for about 2-3 years expertise.
    I know its not much possible to be competent so much in the subject by just studying and practicing.Its easy as saying to study and get it by myself-but i want to try and will put my best for it.
    Please help me with your inputs,all interview questions,hard ones-suggestions,links,any study materials, real time problems which i can try solving of SQL, PLSQL development.
    Thanks All

    Hi,
    A very good starting point is (in my opinion): [Steven Feuerstein PL/SQL Obsession|http://www.toadworld.com/Knowledge/DatabaseKnowledge/StevenFeuersteinsPLSQLObsession/tabid/153/Default.aspx]. Also the official site [PL/SQL Technology Center|http://www.oracle.com/technology/tech/pl_sql/index.html]
    Regards,

  • Problems setting up username & password for SQL

    Due to the outstanding advice I received from this excellent forum, I have managed to overcome my first problem with declaring a new Class.
    This leads me to request help with my next biggest problem:
    Setting up a user GUI that takes a "username" & "password" that will be used to access a password protected database.
    I am a simple bloke, with simple thought processes, so please, go easy on me...
    import java.awt.*;
    import java.awt.event.*;
    import javax.swing.*;
    import java.sql.*;
    public class DBQuery1 {
         String username = "" , password = "";
         public static void main(String[] arguments) {
              PassDB UPass = new PassDB();
              String data = "jdbc:odbc:JavaTestDataBase";
              try {
                   Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
                   Connection conn = DriverManager.getConnection(data, "" + username, "" + password);
                   Statement st = conn.createStatement();
                   ResultSet rec = st.executeQuery(
                        "SELECT Title, ContactID, First, Last, Dear FROM Contacts "
                        + "WHERE (Title='Mr') ORDER BY ContactID");
              /*     ResultSet rec2 = st.executeQuery(
                        "SELECT Subject, ContactID FROM Calls "
                        + "WHERE (Subject Is Not Null) ORDER BY ContactID"); */
                   System.out.println("\nFirst Name\tSurname\t\tNick Name\t\tSubject\n");
                   while(rec.next()) {
                        System.out.println(rec.getString(3) + "\t\t" + rec.getString(4) + "\t\t" + rec.getString(5) /* + rec2.getString(1) */ );
                   }
                   st.close();
              }
              catch (SQLException s) {
                   System.out.println("SQL Error: " + s.toString() + " " + s.getErrorCode() + " " + s.getSQLState());
              }
              catch (Exception e) {
                   System.out.println("Error: " + e.toString() + e.getMessage());
              }
         }
    }
    class PassDB extends javax.swing.JFrame implements ActionListener {
         String username = "", password = "";
         JTextField uname = new JTextField(10);
         JTextField pword = new JTextField(10);
         // JPasswordField pword = new JTextField(10);
         PassDB() {
              super("duBe's database logon");
              setSize(220, 160);
              setDefaultCloseOperation(EXIT_ON_CLOSE);
              JPanel pane = new JPanel();
              JLabel unameLabel = new JLabel ("Username: ");
              JLabel pwordLabel = new JLabel ("Password: ");
              JButton submit = new JButton("OK");
              submit.addActionListener(this);
              pane.add(unameLabel);
              pane.add(uname);
              pane.add(pwordLabel);
              pane.add(pword);
              pane.add(submit);
              setContentPane(pane);
              setVisible(true);
         }
         public void actionPerformed(ActionEvent evt) {
              // The event source is the OK button, not the frame
              JButton clicked = (JButton)evt.getSource();
              username = uname.getText();
              password = pword.getText();
         }
    }
    This code generates two errors, stating:
    C:\Java_progs>javac DBQuery1.java
    DBQuery1.java:14: non-static variable username cannot be referenced from a static context
    Connection conn = DriverManager.getConnection(data, "" +
    username, "" + password);
    ^
    DBQuery1.java:14: non-static variable password cannot be referenced from a static context
    Connection conn = DriverManager.getConnection(data, "" +
    username, "" + password);
                    ^
    2 errors*****************************
    The code works when I remove the reference to the variables "username" & "password" in Connection "conn" call & replace them with the actual username & password, but this is not exactly what I was after. I was hoping to make the program responsive to each individual user, not set in code.
    I also would like to make the program pause after the call in "main" to "PassDB" to wait for "PassDB" to exit before continuing.
    I would also like to make "PassDB" destroy itself after the "OK" button is pressed & the "username" & "password" set.
    If that isn't enough for you, I would really like the program to search 2 different database tables, return their values & compare them to be sure that they are the same.
    When I try & search 2 different tables, as in:
    ResultSet rec = st.executeQuery(
                        "SELECT Title, ContactID, First, Last, Dear FROM Contacts "
                        + "WHERE (Title='Mr') ORDER BY ContactID");
                   ResultSet rec2 = st.executeQuery(
                        "SELECT Subject, ContactID FROM Calls "
                        + "WHERE (Subject Is Not Null) ORDER BY ContactID");
    javac tells me that "ResultSet" is set to null 0
    As always, I am extremely appreciative of any assistance you are able to offer.
    Kind regards
    duBedat

    This is where I'm at now:
    import java.awt.*;
    import java.awt.event.*;
    import javax.swing.*;
    import java.sql.*;
    public class DBQuery {
         static String username = "" ;
         static String password = "" ;
         public static void main(String[] arguments) {
              PassDB UPass = new PassDB();
              String data = "jdbc:odbc:JavaTestDataBase";
              try {
                   Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
                   Connection conn = DriverManager.getConnection(data, "" + DBQuery.username, "" + DBQuery.password);
                   Statement st = conn.createStatement();
                   ResultSet rec = st.executeQuery(
                        "SELECT Title, ContactID, First, Last, Dear FROM Contacts "
                        + "WHERE (Title='Mr') ORDER BY ContactID");
                   /*     ResultSet rec2 = st.executeQuery(
                        "SELECT Subject, ContactID FROM Calls "
                        + "WHERE (Subject Is Not Null) ORDER BY ContactID"); */
                   System.out.println("\nFirst Name\tSurname\t\tNick Name\t\tSubject\n");
                   while(rec.next()) {
                        System.out.println(rec.getString(3) + "\t\t" + rec.getString(4) + "\t\t" + rec.getString(5) /* + rec2.getString(1) */ );
                   }
                   st.close();
              }
              catch (SQLException s) {
                   System.out.println("SQL Error: " + s.toString() + " " + s.getErrorCode() + " " + s.getSQLState());
              }
              catch (Exception e) {
                   System.out.println("Error: " + e.toString() + e.getMessage());
              }
         }
    }
    class PassDB extends javax.swing.JFrame implements ActionListener {
         static boolean getOut = false;
         JTextField uname = new JTextField(10);
         JTextField pword = new JTextField(10);
         // JPasswordField pword = new JTextField(10);
         public PassDB() {
              super("duBe's database logon");
              setSize(220, 160);
              setDefaultCloseOperation(EXIT_ON_CLOSE);
              JPanel pane = new JPanel();
              JLabel unameLabel = new JLabel ("Username: ");
              JLabel pwordLabel = new JLabel ("Password: ");
              JButton submit = new JButton("OK");
              submit.addActionListener(this);
              pane.add(unameLabel);
              pane.add(uname);
              pane.add(pwordLabel);
              pane.add(pword);
              pane.add(submit);
              setContentPane(pane);
              // Loops in the constructor until actionPerformed sets getOut
              while(getOut == false)
                   setVisible(true);
         }
         public void actionPerformed(ActionEvent evt) {
              // The event source is the OK button, not the frame
              JButton clicked = (JButton)evt.getSource();
              DBQuery.username = uname.getText();
              DBQuery.password = pword.getText();
              getOut = true;
         }
    }
    Any advice is greatly appreciated
    duBe
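
    The runtime prompt asked about in the two posts above, as an added example that is not part of the original thread: a modal dialog blocks `main` until OK or Cancel and is disposed afterwards, and `JPasswordField` masks the input and returns it as a `char[]`. The class name `PromptedLogin` and the command-line URL argument are assumptions; the default URL is the DSN from the post, which needs the JDBC-ODBC bridge that was removed in Java 8.

```java
import java.sql.*;
import java.util.Arrays;
import javax.swing.*;

public class PromptedLogin {
    /** Holds what the user typed; the password stays a char[] so it can be wiped. */
    static final class Credentials {
        final String user;
        final char[] password;
        Credentials(String user, char[] password) { this.user = user; this.password = password; }
    }

    /** Shows a modal dialog and blocks until OK or Cancel; returns null on Cancel. */
    static Credentials prompt() {
        JTextField uname = new JTextField(10);
        JPasswordField pword = new JPasswordField(10); // masks input on screen
        JPanel pane = new JPanel();
        pane.add(new JLabel("Username: "));
        pane.add(uname);
        pane.add(new JLabel("Password: "));
        pane.add(pword);
        int choice = JOptionPane.showConfirmDialog(null, pane, "Database logon",
                JOptionPane.OK_CANCEL_OPTION, JOptionPane.PLAIN_MESSAGE);
        if (choice != JOptionPane.OK_OPTION) {
            return null;
        }
        return new Credentials(uname.getText(), pword.getPassword());
    }

    public static void main(String[] args) {
        // Assumption: the JDBC URL is the first argument; the default is the DSN from the post.
        String url = args.length > 0 ? args[0] : "jdbc:odbc:JavaTestDataBase";
        Credentials c = prompt(); // execution pauses here until the dialog closes
        if (c == null) {
            return;
        }
        // JDBC takes the password only as a String, so that one copy cannot be wiped.
        try (Connection conn = DriverManager.getConnection(url, c.user, new String(c.password))) {
            System.out.println("Connected as " + c.user);
        } catch (SQLException e) {
            // Report the SQL state and error code, never the credentials.
            System.out.println("SQL Error: " + e.getSQLState() + " " + e.getErrorCode());
        } finally {
            Arrays.fill(c.password, '\0'); // wipe the char[] copy
        }
    }
}
```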

  • How to write a file in unix server through oracle plsql code

    Hi All,
    My requirement is to create and write a file (any file, e.g. a txt file) on a Unix box within a specified directory through Oracle PL/SQL code.
    Oracle sits on a Windows server.
    Using the utl_file package we can create a directory where Oracle resides and write the file there on the Oracle server, in our case Windows.
    But here we need to create and write a file on a Unix server, which is a different server from the one where the Oracle server resides.
    We are using Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production
    PL/SQL Release 11.2.0.2.0 - Production
    Can anyone please help me out with this issue?
    Thanks in Advance.
    Prakash

    Mr Prakash,
    Why are you asking this question multiple times in every forum you can spell?
    Valid responses have been presented to you already two times.
    Can you explain why you can't follow them up, but continue to abuse this forum by repeating doc questions?
    Sybrand Bakker
    Senior Oracle DBA
