Configuring OFSAA and Tomcat as Web Application Server with Oracle Wallet

  1. On the primary Tomcat server instance, which has no Oracle Client installed, manually create a directory named "network" and copy the tnsnames.ora and sqlnet.ora files into it. Also copy the complete wallet directory "clientwallet" that was configured in the OFSAA layer.
  2. Modify sqlnet.ora so that WALLET_LOCATION points to the new wallet path.
  3. Add the following Java properties to the catalina.sh file after the -Djava.io.tmpdir="\"$CATALINA_TMPDIR\"" \ entry. These properties need to be added in multiple places in the same file.

    -Doracle.net.tns_admin="\"$TNS_ADMIN\"" \
    -Doracle.net.wallet_location="\"$wallet_loc\"" \
    -Djavax.net.ssl.trustStoreType="SSO" \
    -Djavax.net.ssl.trustStore="/scratch/ssldbtest/clientwallet/cwallet.sso" \
    -Djavax.net.ssl.keyStore="/scratch/ssldbtest/clientwallet/cwallet.sso" \
    -Djavax.net.ssl.keyStoreType="SSO" \
    -Doracle.net.ssl_version="1.2" \
    -Doracle.net.ssl_server_dn_match="true" \

  4. Specify the fully qualified JDBC URL in the connection pool settings of the Tomcat server.xml or Context.xml used for DataSources.

    For example:

    url="jdbc:oracle:thin:@(DESCRIPTION = (ADDRESS = (PROTOCOL = TCPS)(HOST = dbsrvhostname.in.oracle.com)(PORT = 2484)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME=DBAAIB)) (security=(ssl_server_cert_dn=CN= dbsrvhostname)))"
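A pre-flight check for steps 1 and 2, to run on the Tomcat host before restarting: it confirms the copied files are in place, that WALLET_LOCATION in sqlnet.ora resolves to a directory containing cwallet.sso, and that the wallet file is not accessible to group or other users. This is an added example, not part of the Oracle procedure; the function name check_wallet_layout is hypothetical, and it assumes the DIRECTORY keyword in sqlnet.ora is written in upper case.

```shell
#!/bin/sh
# Added example: pre-flight check for the Tomcat-side wallet layout (steps 1-2).
# Usage: check_wallet_layout /path/to/network
check_wallet_layout() {
    tns_admin=$1
    rc=0
    # Step 1: both Oracle Net files must have been copied into "network".
    for f in tnsnames.ora sqlnet.ora; do
        if [ ! -f "$tns_admin/$f" ]; then
            echo "FAIL: $tns_admin/$f is missing" >&2
            rc=1
        fi
    done
    [ "$rc" -eq 0 ] || return "$rc"

    # Step 2: pull DIRECTORY out of WALLET_LOCATION (the entry may span lines).
    wallet_dir=$(tr -d '\n' < "$tns_admin/sqlnet.ora" |
        sed -n 's/.*WALLET_LOCATION.*DIRECTORY[[:space:]]*=[[:space:]]*\([^)]*\)).*/\1/p' |
        sed 's/[[:space:]]*$//; s/^"//; s/"$//')
    if [ -z "$wallet_dir" ]; then
        echo "FAIL: no WALLET_LOCATION DIRECTORY in sqlnet.ora" >&2
        return 2
    fi
    sso="$wallet_dir/cwallet.sso"
    if [ ! -f "$sso" ]; then
        echo "FAIL: $sso not found; does WALLET_LOCATION still hold the old path?" >&2
        return 3
    fi

    # cwallet.sso is an auto-login wallet that opens without a password, so
    # file permissions are its only access control. Reject group/other access.
    perms=$(ls -ldL "$sso" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "FAIL: $sso is accessible to group/other ($perms)" >&2
        return 4
    fi
    echo "OK: wallet at $wallet_dir"
    return 0
}
```

The return code identifies the failed step: 1 for missing Oracle Net files, 2 for an unparseable WALLET_LOCATION, 3 for a missing cwallet.sso, and 4 for permissions that are too open.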