Applications and tools connect to an Autonomous Data Warehouse instance using Oracle Net Services (also known as SQL*Net). Oracle Net Services enables a network session from a client application to an Oracle Database server.
When a network session is established, Oracle Net Services acts as the data courier for both the client application and the database. It is responsible for establishing and maintaining the connection between the client application and the database, as well as exchanging messages between them.
Oracle Net Services support a variety of connection types to the Autonomous Data Warehouse, including:
Oracle Call Interface (OCI), which is used by many applications written in C language. Examples include Oracle utilities such as Oracle SQL*Plus, SQL*Loader, and Oracle Data Pump.
ODBC drivers, which can be used by applications running on Microsoft Windows, are layered over Oracle Call Interface (OCI).
JDBC OCI, which is used by Java language applications. JDBC OCI adds a layer over Oracle Call Interface for Java applications. The Oracle SQLcl command-line interface uses JDBC OCI.
JDBC Thin Driver, also for Java applications, is a pure Java driver. Oracle SQL Developer supports JDBC Thin Driver connections.
Third-party products and custom applications may use any of these connection types.
Secure Connections to Autonomous Data Warehouse
Connections to Autonomous Data Warehouse are made over the public Internet, and all applications use a secure connection. If you are familiar with using an Oracle Database within your own data center, you may not have previously used these secure connections; next we describe the basic concepts of secure database connections.
Many applications provide support for more than one connection type, but each type of connection to Autonomous Data Warehouse uses certificate authentication and Secure Sockets Layer (SSL). This ensures that there is no unauthorized access to the Autonomous Data Warehouse and that communications between the client and server are fully encrypted and cannot be intercepted or altered.
Certification authentication uses an encrypted key stored in a wallet on both the client (where the application is running) and the server (where your database service on the Autonomous Data Warehouse is running). The key on the client must match the key on the server to make a connection. A wallet contains a collection of files, including the key and other information needed to connect to your database service in the Autonomous Data Warehouse. All communications between the client and the server are encrypted.
The following figure shows client secure connections to Autonomous Data Warehouse.
Connecting to Autonomous Data Warehouse Through a Firewall
Most organizations protect networks and devices on a network using a firewall. A firewall controls incoming and outgoing network traffic using rules which allow the use of certain ports and access to certain computers (or, more specifically IP addresses or host names). An important function of a firewall is to provide separation between internal networks and the public internet.
Autonomous Data Warehouse is accessed using the public internet. To access the Autonomous Data Warehouse from behind a firewall, the firewall must permit the use of the port specified in the database connection when connecting to the servers in the connection. The default port number for Autonomous Data Warehouse is 1522 (find the port number in the connection string from the
tnsnames.ora file in your
credentials ZIP file). For example, see the
port value in the following
my_adwc_high = (description = ( address=(protocol=tcps) (port=1522) (host=adwc.example.oraclecloud.com)) (connect_data=(service_name=example_high.adwc.oraclecloud.com)) (security=(ssl_server_cert_dn="CN=adwc.example.oraclecloud.com, OU=Oracle BMCS US,O=Oracle Corporation,L=Redwood City,ST=California,C=US")))
Your firewall must allow access to servers within the
.oraclecloud.com domain using port 1522. To connect to Autonomous Data Warehouse, depending upon your organization's network configuration, you may need to use a proxy server to access this port or you may need to request that your network administrator open this port.
Using Application Continuity
Application Continuity is a feature that enables the replay, in a non-disruptive and rapid manner, of a request against the database after a recoverable error that makes the database session unavailable so an outage appears to the user as no more than a delayed execution of the request. With Application Continuity, Autonomous Data Warehouse, the Oracle drivers, and the Oracle connection pools all collaborate to mask many outages in a safe and reliable way.
You can change the failover type on Autonomous Data Warehouse using the
DBMS_CLOUD_ADMIN procedures to enable or to disable Application Continuity. New sessions use the new failover type from the time when you modify the current value.
Note:By default Application Continuity is disabled.
See Overview of Application Continuity for more information on Application Continuity.
See Enable and Disable Application Continuity for information on enabling and disabling Application Continuity in Autonomous Data Warehouse.