今天遇到一个连接192.168.56.102这个库报错
Java.sql.SQLException: ORA-28040: No matching authentication protocol
Oracle 12C下查询此报错
oralce:/oracle/db/app/12.1.0/db/network/admin> oerr ora 28040
28040, 0000, "No matching authentication protocol"
// *Cause: There was no acceptable authentication protocol for
// either client or server.
// *Action: The administrator should set the values of the
// SQLNET.ALLOWED_LOGON_VERSION_SERVER and
// SQLNET.ALLOWED_LOGON_VERSION_CLIENT parameters, on both the
// client and on the server, to values that match the minimum
// version software supported in the system.
// This error is also raised when the client is authenticating to
// a user account which was created without a verifier suitable for
// the client software version. In this situation, that account's
// password must be reset, in order for the required verifier to
// be generated and allow authentication to proceed successfully.
Oracle 11g下查询报错
oracle@oralce:/oracle/app/oracle/product/11.2.0/db/network/admin$ oerr ora 28040
28040, 0000, "No matching authentication protocol"
// *Cause: No acceptible authentication protocol for both client and server
// *Action: Administrator should set SQLNET_ALLOWED_LOGON_VERSION parameter
// on both client and servers to values that matches the minimum
// version supported in the system.
很明显,在11G和12C下的解决方案是不一样的。
在11G中的参数是SQLNET_ALLOWED_LOGON_VERSION;
而在12C中的参数是SQLNET.ALLOWED_LOGON_VERSION_SERVER和SQLNET.ALLOWED_LOGON_VERSION_CLIENT
因为我的环境是12C的,所以我使用12C的解决方式,设置以上2个参数。
因为我的环境上没有sqlnet.ora文件,所以新建了一个
vi sqlnet.ora
SQLNET.ALLOWED_LOGON_VERSION_SERVER=8
SQLNET.ALLOWED_LOGON_VERSION_CLIENT=8
然后重启监听
lsnrctl reload
LSNRCTL for IBM/AIX RISC System/6000: Version 12.1.0.2.0 - Production on 13-JUN-2017 11:42:52
Copyright (c) 1991, 2016, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
TNS-01190: The user is not authorized to execute the requested listener command
oralce:/oracle/db/app/12.1.0/db/network/admin>
oralce:/oracle/db/app/12.1.0/db/network/admin>
oralce:/oracle/db/app/12.1.0/db/network/admin> lsnrctl status
LSNRCTL for IBM/AIX RISC System/6000: Version 12.1.0.2.0 - Production on 13-JUN-2017 11:42:57
Copyright (c) 1991, 2016, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for IBM/AIX RISC System/6000: Version 12.1.0.2.0 - Production
Start Date 09-JUN-2017 22:46:07
Uptime 3 days 12 hr. 56 min. 50 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /oracle/gridhome/app/12.1.0/grid/network/admin/listener.ora
Listener Log File /oracle/grid/diag/tnslsnr/oralce/listener/alert/log.xml
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=LISTENER)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=135.10.89.101)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=135.10.89.103)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=oralce)(PORT=5500))(Security=(my_wallet_directory=/oracle/db/app/12.1.0/db/admin/zykgdb/xdb_wallet))(Presentation=HTTP)(Session=RAW))
Services Summary...
Service "+ASM" has 1 instance(s).
Instance "+ASM2", status READY, has 1 handler(s) for this service...
Service "zykgdb" has 1 instance(s).
Instance "zykgdb2", status READY, has 1 handler(s) for this service...
Service "zykgdbXDB" has 1 instance(s).
Instance "zykgdb2", status READY, has 1 handler(s) for this service...
The command completed successfully
如果是RAC,那么就需要在2个节点都设置sqlnet.ora文件。