Oracle JDBC intermittent Connection Issue

by

There is a solution provided to this problem in some of the OTN forums (https://kr.forums.oracle.com/forums/thread.jspa?messageID=3699989). But, the root cause of the problem is not explained. Following is my attempt to explain the root cause of the problem.

The Oracle JDBC drivers communicate with the Oracle server in a secure way. The drivers use the java.security.SecureRandom class to gather entropy for securing the communication. This class relies on the native platform support for gathering the entropy.

Entropy is the randomness collected/generated by an operating system or application for use in cryptography or other uses that require random data. This randomness is often collected from hardware sources, either from the hardware noises, audio data, mouse movements or specially provided randomness generators. The kernel gathers the entropy and stores it is an entropy pool and makes the random character data available to the operating system processes or applications through the special files /dev/random and /dev/urandom.

Reading from /dev/random drains the entropy pool with requested amount of bits/bytes, providing a high degree of randomness often desired in cryptographic operations. In case, if the entropy pool is completely drained and sufficient entropy is not available, the read operation on /dev/random blocks until additional entropy is gathered. Due to this, applications reading from /dev/random may block for some random period of time.

In contrast to the above, reading from the /dev/urandom does not block. Reading from /dev/urandom, too, drains the entropy pool but when short of sufficient entropy, it does not block but reuses the bits from the partially read random data. This is said to be susceptible to cryptanalytical attacks. This is a theorotical possibility and hence it is discouraged to read from /dev/urandom to gather randomness in cryptographic operations.

The java.security.SecureRandom class, by default, reads from the /dev/random file and hence sometimes blocks for random period of time. Now, if the read operation does not return for a required amount of time, the Oracle server times out the client (the jdbc drivers, in this case) and drops the communication by closing the socket from its end. The client when tries to resume the communication after returning from the blocking call encounters the IO exception. This problem may occur randomly on any platform, especially, where the entropy is gathered from hardware noises.

As suggested in the OTN forum, the solution to this problem is to override the default behaviour of java.security.SecureRandom class to use the non-blocking read from /dev/urandom instead of the blocking read from /dev/random. This can be done by adding the following system property -Djava.security.egd=file:///dev/urandom to the JVM. Though this is a good solution for the applications like the JDBC drivers, it is discouraged for applications that perform core cryptographic operations like crytographic key generation.

Other solutions could be to use different random seeder implementations available for the platform that do not rely on hardware noises for gathering entropy. With this, you may still require to override the default behaviour of java.security.SecureRandom.

Increasing the socket timeout on the Oracle server side can also be a solution but the side effects should be assessed from the server point of view before attempting this.

More Related Contents:

  1. having an exception when saving oracle type object in some entity
  2. Is java.sql.Timestamp timezone specific?
  3. java.sql.SQLException: – ORA-01000: maximum open cursors exceeded
  4. Using setDate in PreparedStatement
  5. How to connect to Oracle using Service Name instead of SID
  6. Where’s my invalid character (ORA-00911)
  7. Why do I get java.lang.AbstractMethodError when trying to load a blob in the db?
  8. How to call oracle stored procedure which include user-defined type in java?
  9. java.sql.SQLException: Exhausted Resultset
  10. How to enable logging for SQL statements when using JDBC
  11. Difference between Oracle jdbc driver classes?
  12. PLSQL JDBC: How to get last row ID?
  13. Getting output from dbms_output.get_lines using JDBC
  14. JDBC ResultSet get columns with table alias
  15. How to write / update Oracle blob in a reliable way?
  16. Setting Network Timeout for JDBC connection
  17. Getting an exception ORA-00942: table or view does not exist – when inserting into an existing table
  18. Java JDBC – How to connect to Oracle using tnsnames.ora
  19. Call an Oracle function from Java
  20. Cannot use a LIKE query in a JDBC PreparedStatement?
  21. ojdbc14.jar vs. ojdbc6.jar
  22. Connection timeout for DriverManager getConnection
  23. Oracle’s RETURNING INTO usage in Java (JDBC, Prepared Statement)
  24. Connection cannot be cast to oracle.jdbc.OracleConnection
  25. Oracle JDBC : invalid username/password (ora-01017)
  26. PreparedStatement and setTimestamp in oracle jdbc
  27. The Network Adapter could not establish the connection when connecting with Oracle DB
  28. Iterating a ResultSet using the JDBC for Oracle takes a lot of time about 16s?
  29. com.mysql.jdbc.exceptions.jdbc4.CommunicationsException:Communications link failure [duplicate]
  30. When to close Connection, Statement, PreparedStatement and ResultSet in JDBC

Leave a Comment