ORA-28040: No matching authentication protocol when connecting GRLoader to a Oracle 12c database

book

Article ID: 109810

calendar_today

Updated On:

Products

SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service KNOWLEDGE TOOLS CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager

Issue/Introduction

Error message when connecting GRLoader to a Oracle 12c database:

grloader -a -n -u ServiceDesk -p <password> -s <SDM Server> -P -tf rule_file.rul -E -dbdriver oracle.jdbc.OracleDriver -dbuser system -dbpswd <DB Password> -dburl jdbc:oracle:thin:@oracleserver:1521:orcl -cfg <Config File>

13:56:24.260 CI and Relationship Loader for CA Service Desk Manager R17.0
grJDBCrdr1500 Unable to access database url(jdbc:oracle:thin:@oracleserver:1521:orcl) userid(system) reason(ORA-28040): No matching authentication protocol

Cause

This actually implies that the authentication protocols used between client and server do not match. In Oracle 12c, the authentication protocol uses SHA-2 encryption algorithm by default, where older clients use SHA-1. So when an older client is used with defaults, the server will not accept the connection.

GRLoader uses ojdbc14.jar:



See GRLoader MANIFEST file below:

Manifest-Version: 1.0
Class-Path: ../classes axis-ant.jar axis.jar commons-discovery.jar com
mons-logging.jar jaxrpc.jar log4j-1.2.8.jar saaj.jar wsdl4j.jar xerce
sImpl.jar xml-apis.jar slump.jar mail.jar activation.jar rt.jar sqljd
bc.jar ojdbc14.jar
Created-By: 1.8.0_112 (Oracle Corporation)
Main-Class: com.ca.CMDB.GRLoader.GRLoader

Environment

CA Service Desk Manager 17.1
CA Service Desk Manager 17.0
CA Service Desk Manager 14.1

Resolution

Ask your DBA to update the sqlnet.ora file on the Oracle server machine and add the following line:

SQLNET.ALLOWED_LOGON_VERSION=8

This should allow older versions of the Oracle ODBC driver to connect to Oracle server.  After restarting the Oracle server the error message should not appear again.

Additional Information

ORA-28040: No matching authentication protocol – SQLNET.ALLOWED_LOGON_VERSION_SERVER

Attachments