Skip to content
This repository was archived by the owner on Jun 17, 2024. It is now read-only.
This repository was archived by the owner on Jun 17, 2024. It is now read-only.

DB2 is not working over FIPS #43

Open
Open
DB2 is not working over FIPS#43
@pjgg

Description

@pjgg
pjgg
opened on Sep 17, 2021

I am running an application over FIPS security protocol and I am getting the following error from DB2 when I am trying to connect to the database

Stacktrace:

12:21:05.340 INFO  [app] 12:21:03,833 Datasource 'db2': [jcc][t4][2010][11246][4.29.24] Connection authorization failure occurred.  Reason: Local security service non-retryable error. ERRORCODE=-4214, SQLSTATE=28000
12:21:05.340 INFO  [app] 12:21:03,843 Failed to start application (with profile prod): com.ibm.db2.jcc.am.SqlInvalidAuthorizationSpecException: [jcc][t4][2010][11246][4.29.24] Connection authorization failure occurred.  Reason: Local security service non-retryable error. ERRORCODE=-4214, SQLSTATE=28000
12:21:05.341 INFO  [app] 	at com.ibm.db2.jcc.am.b7.a(b7.java:808)
12:21:05.341 INFO  [app] 	at com.ibm.db2.jcc.am.b7.a(b7.java:66)
12:21:05.341 INFO  [app] 	at com.ibm.db2.jcc.am.b7.a(b7.java:133)
12:21:05.341 INFO  [app] 	at com.ibm.db2.jcc.t4.b.f(b.java:2663)
12:21:05.341 INFO  [app] 	at com.ibm.db2.jcc.t4.b.b(b.java:2004)
12:21:05.341 INFO  [app] 	at com.ibm.db2.jcc.t4.z.r(z.java:961)
12:21:05.341 INFO  [app] 	at com.ibm.db2.jcc.t4.z.k(z.java:494)
12:21:05.342 INFO  [app] 	at com.ibm.db2.jcc.t4.z.c(z.java:144)
12:21:05.342 INFO  [app] 	at com.ibm.db2.jcc.t4.b.k(b.java:1513)
12:21:05.342 INFO  [app] 	at com.ibm.db2.jcc.t4.b.b(b.java:1426)
12:21:05.342 INFO  [app] 	at com.ibm.db2.jcc.t4.b.a(b.java:6838)
12:21:05.342 INFO  [app] 	at com.ibm.db2.jcc.t4.b.b(b.java:947)
12:21:05.343 INFO  [app] 	at com.ibm.db2.jcc.t4.b.a(b.java:860)
12:21:05.343 INFO  [app] 	at com.ibm.db2.jcc.t4.b.a(b.java:455)
12:21:05.343 INFO  [app] 	at com.ibm.db2.jcc.t4.b.a(b.java:428)
12:21:05.343 INFO  [app] 	at com.ibm.db2.jcc.t4.b.<init>(b.java:366)
12:21:05.344 INFO  [app] 	at com.ibm.db2.jcc.DB2SimpleDataSource.getConnection(DB2SimpleDataSource.java:243)
12:21:05.344 INFO  [app] 	at com.ibm.db2.jcc.DB2SimpleDataSource.getConnection(DB2SimpleDataSource.java:200)
12:21:05.344 INFO  [app] 	at com.ibm.db2.jcc.DB2Driver.connect(DB2Driver.java:491)
12:21:05.344 INFO  [app] 	at com.ibm.db2.jcc.DB2Driver.connect(DB2Driver.java:117)
12:21:05.344 INFO  [app] 	at io.agroal.pool.ConnectionFactory.createConnection(ConnectionFactory.java:204)
12:21:05.344 INFO  [app] 	at io.agroal.pool.ConnectionPool$CreateConnectionTask.call(ConnectionPool.java:470)
12:21:05.345 INFO  [app] 	at io.agroal.pool.ConnectionPool$CreateConnectionTask.call(ConnectionPool.java:452)
12:21:05.345 INFO  [app] 	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
12:21:05.345 INFO  [app] 	at io.agroal.pool.util.PriorityScheduledExecutor.beforeExecute(PriorityScheduledExecutor.java:68)
12:21:05.345 INFO  [app] 	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1126)
12:21:05.345 INFO  [app] 	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)

Environment: RHEL8 or fedora workstation 32
JDK11 (OpenJDK)

BD2 was running in a docker container

example:

docker run --name db2 --privileged=true -p 50000:50000 -e LICENSE=accept -e DB2INST1_PASSWORD=test -e DB2INSTANCE=test -e DBNAME=amadeus -e AUTOCONFIG=false -e ARCHIVE_LOGS=false -v /tmp:/database ibmcom/db2

The same app/db2 is running as expected without FIPS

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions