合 ORA-28040: No matching authentication protocol
前言部分
导读和注意事项
各位技术爱好者,看完本文后,你可以掌握如下的技能,也可以学到一些其它你所不知道的知识,~O(∩_∩)O~:
① 告警日志中频繁出现Using deprecated SQLNET.ALLOWED_LOGON_VERSION parameter、ORA-28040: No matching authentication protocol错误,9i的客户端连接到12c高版本的解决方案
② Windows下使用oerr命令
故障分析及解决过程
故障环境介绍
项目 | source db |
---|---|
db 类型 | RAC |
db version | 12.1.0.2.0 |
db 存储 | ASM |
OS版本及kernel版本 | SuSE Linux Enterprise Server(SLES 11) 64位 |
故障发生现象及报错信息
告警日志中频繁出现Using deprecated SQLNET.ALLOWED_LOGON_VERSION parameter。
或JDBC连接Oracle12c报如下错误:
1 2 3 4 5 6 7 8 9 10 11 12 13 | Caused by: java.sql.SQLException: ORA-28040: No matching authentication protocol at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:331) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:283) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:278) at oracle.jdbc.driver.T4CTTIoauthenticate.receiveOsesskey(T4CTTIoauthenticate.java:294) at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:357) at oracle.jdbc.driver.PhysicalConnection.(PhysicalConnection.java:441) at oracle.jdbc.driver.T4CConnection.(T4CConnection.java:165) at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:35) at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:801) at java.sql.DriverManager.getConnection(DriverManager.java:582) at java.sql.DriverManager.getConnection(DriverManager.java:154) |
或者使用9i的客户端去连接12c的数据库就会报ORA-28040: No matching authentication protocol这个错误。
故障分析及解决过程
使用oerr命令来查看,在Oracle 11g下:
1 2 3 4 5 6 7 8 | [oracle@orcltest ~]$ oerr ora 28040 28040, 0000, "No matching authentication protocol" // *Cause: No acceptible authentication protocol for both client and server // *Action: Administrator should set SQLNET_ALLOWED_LOGON_VERSION parameter // on both client and servers to values that matches the minimum // version supported in the system. [oracle@orcltest ~]$ |
12c下:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | oracle@HQsPSL-PSCV-R02:/oracle/app/oracle> oerr ora 28040 28040, 0000, "No matching authentication protocol" // *Cause: There was no acceptable authentication protocol for // either client or server. // *Action: The administrator should set the values of the // SQLNET.ALLOWED_LOGON_VERSION_SERVER and // SQLNET.ALLOWED_LOGON_VERSION_CLIENT parameters, on both the // client and on the server, to values that match the minimum // version software supported in the system. // This error is also raised when the client is authenticating to // a user account which was created without a verifier suitable for // the client software version. In this situation, that account's // password must be reset, in order for the required verifier to // be generated and allow authentication to proceed successfully. |
可以看到,该参数在11g和12c下的解决方案是不同的。
查询了一下参数SQLNET.ALLOWED_LOGON_VERSION,发现该参数在12c中以废弃,而是采用SQLNET.ALLOWED_LOGON_VERSION_CLIENT和SQLNET.ALLOWED_LOGON_VERSION_SERVER代替。
客户说是之前碰到了ORA-28040: No matching authentication protocol的错误才加上该参数的。