Oracle Advanced Security in Direct Mode

[brandonlw]

Is Oracle Advanced Security supported in Direct mode (instead of OCI mode)?

My company is interested in encrypting the connection (or at the very least, the credential exchange upon connection), and the existing environment uses Direct mode exclusively. We would prefer not to switch to OCI mode if possible.

[Pinturiccio]

The Data Encryption and Data Integrity feature in the Direct mode is supported in dotConnect for Oracle 9.1.131. It can be downloaded at http://www.devart.com/dotconnect/oracle/download.html (trial version) or at Registered Users' Area (for users with valid subscriptions only).

By default, in the Direct mode SQLNET.ENCRYPTION_CLIENT = ACCEPTED. That is, if server requests encryption, connection will be encrypted.

[brandonlw]

Is there any documentation on how to use this functionality?

Is there anything we need to set in dotConnect to enable this functionality? Can the encryption algorithm be specified or anything else, as would typically be done in the sqlnet.ora file on the client?

[Pinturiccio]

At the moment there is no documentation for this feature on our website. This feature was added to dotConnect for Oracle only recently, and the documentation for it will be available on our website soon. The most recent build of dotConnect for Oracle already includes documentation files with a description of this functionality in the article about the Direct mode.

In Oracle Client, Data Encryption & Data Integrity are configured as described in the following article: https://docs.oracle.com/cd/E11882_01/ne ... m#ASOAG020. For the Direct mode, SQLNET.ENCRYPTION_CLIENT=accepted is used by default. This means, if the server requires encryption, it will be used.