About Connecting to an Autonomous Transaction Processing Instance

Applications and tools connect to an Autonomous Transaction Processing instance using Oracle Net Services (also known as SQL*Net). Oracle Net Services enables a network session from a client application to an Oracle Database server.

When a network session is established, Oracle Net Services acts as the data courier for both the client application and the database. It is responsible for establishing and maintaining the connection between the client application and the database, as well as exchanging messages between them.

Oracle Net Services support a variety of connection types to the Autonomous Transaction Processing, including:

  • Oracle Call Interface (OCI), which is used by many applications written in C language. Examples include Oracle utilities such as Oracle SQL*Plus, SQL*Loader, and Oracle Data Pump.

  • ODBC drivers, which can be used by applications running on Microsoft Windows, are layered over Oracle Call Interface (OCI).

  • JDBC OCI, which is used by Java language applications. JDBC OCI adds a layer over Oracle Call Interface for Java applications. The Oracle SQLcl command-line interface uses JDBC OCI.

  • JDBC Thin Driver, also for Java applications, is a pure Java driver. Oracle SQL Developer supports JDBC Thin Driver connections.

Third-party products and custom applications may use any of these connection types.

Secure Connections to Autonomous Transaction Processing

Connections to Autonomous Transaction Processing are made over the public Internet, and all applications use a secure connection. If you are familiar with using an Oracle Database within your own data center, you may not have previously used these secure connections; next we describe the basic concepts of secure database connections.

Many applications provide support for more than one connection type, but each type of connection to Autonomous Transaction Processing uses certificate authentication and Secure Sockets Layer (SSL). This ensures that there is no unauthorized access to the Autonomous Transaction Processing and that communications between the client and server are fully encrypted and cannot be intercepted or altered.

Certification authentication uses an encrypted key stored in a wallet on both the client (where the application is running) and the server (where your database service on the Autonomous Transaction Processing is running). The key on the client must match the key on the server to make a connection. A wallet contains a collection of files, including the key and other information needed to connect to your database service in the Autonomous Transaction Processing. All communications between the client and the server are encrypted.

The following figure shows client secure connections to Autonomous Transaction Processing.

Connecting to Autonomous Transaction Processing Through a Firewall

Most organizations protect networks and devices on a network using a firewall.  A firewall controls incoming and outgoing network traffic using rules which allow the use of certain ports and access to certain computers (or, more specifically IP addresses or host names).  An important function of a firewall is to provide separation between internal networks and the public internet.

Autonomous Transaction Processing is accessed using the public internet.  To access the Autonomous Transaction Processing from behind a firewall, the firewall must permit the use of the port specified in the database connection when connecting to the servers in the connection. The default port number for Autonomous Transaction Processing is 1522 (find the port number in the connection string from the tnsnames.ora file in your credentials ZIP file). For example, see the port value in the following tnsnames.ora file:

my_atpc_high = (description = ( 
                address=(protocol=tcps)
                (port=1522)
                (host=atpc.example.oraclecloud.com))
                (connect_data=(service_name=high.atp.oraclecloud.com))
                (security=(ssl_server_cert_dn="CN=atpc.example.oraclecloud.com,
                 OU=Oracle BMCS US,O=Oracle Corporation,L=Redwood City,ST=California,C=US")))

Your firewall must allow access to servers within the .oraclecloud.com domain using port 1522. To connect to Autonomous Transaction Processing, depending upon your organization's network configuration, you may need to use a proxy server to access this port or you may need to request that your network administrator open this port.

Using Application Continuity

Application Continuity is a feature that enables the replay, in a non-disruptive and rapid manner, of a request against the database after a recoverable error that makes the database session unavailable so an outage appears to the user as no more than a delayed execution of the request. With Application Continuity, Autonomous Transaction Processing, the Oracle drivers, and the Oracle connection pools all collaborate to mask many outages in a safe and reliable way.

You can change the failover type on Autonomous Transaction Processing using the DBMS_CLOUD_ADMIN procedures to enable or to disable Application Continuity. New sessions use the new failover type from the time when you modify the current value.

Note:

By default Application Continuity is disabled.

See Overview of Application Continuity for more information on Application Continuity.

See Enable and Disable Application Continuity for information on enabling and disabling Application Continuity in Autonomous Transaction Processing.