This site uses different types of cookies, including analytics and functional cookies (its own and from other sites). To change your cookie settings or find out more, click here. If you continue browsing our website, you accept these cookies.
Thanks @DaveF . Is it possible for Alteryx team to test and confirm. I work in a very restricted environment and we cannot install drivers without proper evidence. It would be great if Alteryx product confirms the possibility then I can ask IT folks to get the drivers based on evidence. @DaveF
Hi @DaveF, I tried this and unfortunately it doesn't work.
I suspect this is because under the hood Alteryx is ultimately calling the OCISessionBegin function in the Oracle driver and passing in OCI_CRED_RDBMS rather than OCI_CRED_EXT for the "credt" parameter:
When credt is OCI_CRED_RDBMS then username and password must be supplied and these credentials are used for authentication with Oracle
When credt is OCI_CRED_EXT then username and password must not be supplied and authentication with Oracle is via some external means as per the callers configuration (e.g. defined in sqlnet.ora).
I think it should be pretty easy for Alteryx to add support for Oracle external authentication...
Add an "External Authentication" checkbox to the Oracle Connection dialog (for OCI):
When unchecked the User Name and Password fields are enabled and mandatory
When checked the User Name and Password fields are cleared and disabled
Then when Alteryx is initiating a connection with Oracle via OCI:
if External Authentication is false then connect as per current functionality
if External Authentication is true then set credt to OCI_CRED_EXT and do not pass username and password (or if calling dpiConn_create then userName and password values must be zero length or NULL and createParams.externalAuth should be set to 1)
Examples using Node.js oracledb (which calls dpiConn_create which then calls OCISessionBegin)
This connection to our Oracle DB (protected with Kerberos authentication) fails:
with error "[Error: ORA-01017: invalid username/password; logon denied]".
This is the same error we get when we try to connect to the Oracle databse from Alteryx.
Whereas this connection to our Oracle DB (protected with Kerberos authentication) works:
i.e. setting externalAuth to true (and not supplying user and password) works due to the Oracle configuration in my environment.