node-oracledb

Add ability to pass in file content directly when connecting to Cloud Autonomous Databases with mTLS and 'thin' mode

Open mikewang333 opened this issue 1 year ago • 2 comments

  1. Describe your new request in detail

Hi, I have a multi-tenant cloud service that will potentially use different machines to connect to a customer's Oracle Cloud Autonomous database. I want to support mTLS with the 'thin' node library but want to avoid storing and reading from the machine's local filesystem. Based on the documentation, it looks like the 2 files needed are tnsnames.ora and ewallet.pem.

Can we pass in the file content directly instead of reading from a file path? Example changes (that I tested work locally) would look something like this: https://github.com/mikewang333/node-oracledb/pull/1/files?w=1

mikewang333, May 10 '24 19:05

Hi @mikewang333, Some more details will help us evaluate the request.

  1. Will the file content for ewallet.pem and tnsnames.ora ultimately come from user input or an environment variable to the application? Or will it be coded into the application?
  2. The driver supports full connect string or an easy connect string as input. Can this be considered instead of an in-memory tnsnames.ora?
  3. Does each tenant have a different wallet?
  4. Any particular reason you want to avoid accessing the local file system?

sreguna, May 14 '24 07:05

Hi @sreguna,

1: The file content will be stored securely but come from user input.

2: I didn't realize you can just use connectString here, so we wouldn't need a tnsnames.ora input. Thanks for pointing this out!

3/4: We want the ability to support multiple different customers connecting to their own OracleDB, so it's possible each tenant will connect to multiple Oracle databases with different configurations and wallets. We prefer not to store it in the local file system because we already have a practice in place to store credentials separately to better ensure security + privacy. Plus, we wouldn't want to distribute wallets/other confidential information to every service's local file system.

mikewang333, May 15 '24 20:05

This is available in node-oracledb 6.6

@mikewang333 Please confirm.

sharadraju, Jul 25 '24 13:07
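The setup discussed in this thread (a per-tenant connect string in place of tnsnames.ora, and wallet content held in memory in place of ewallet.pem on disk), sketched as an added example that is not code from the thread or from the node-oracledb project. It assumes the `walletContent` and `walletPassword` connection attributes of node-oracledb Thin mode; the secret store, the secret names and the PEM sanity check are hypothetical.

```javascript
// Added example. The secret store and secret names are hypothetical.
const PEM_CERT = /-----BEGIN CERTIFICATE-----[\s\S]+?-----END CERTIFICATE-----/;
const PEM_KEY = /-----BEGIN ((?:ENCRYPTED |RSA )?PRIVATE KEY)-----[\s\S]+?-----END \1-----/;

// Hypothetical in-memory stand-in for a vault/KMS client.
function makeSecretStore(entries) {
  const store = new Map(Object.entries(entries));
  return {
    get(name) {
      if (!store.has(name)) throw new Error(`missing secret: ${name}`);
      return store.get(name);
    },
  };
}

// Build getConnection() attributes for one tenant without touching the filesystem.
function buildTenantConnectAttrs(tenant, secrets) {
  const walletContent = secrets.get(`${tenant.id}/ewallet.pem`);
  // Sanity check (assumption: the wallet PEM carries a certificate and a private key).
  if (!PEM_CERT.test(walletContent) || !PEM_KEY.test(walletContent)) {
    throw new Error(`tenant ${tenant.id}: wallet needs a certificate and a private key`);
  }
  // mTLS requires TLS transport: accept only tcps:// or (PROTOCOL=tcps) connect strings.
  const cs = tenant.connectString;
  if (!/^tcps:\/\//i.test(cs) && !/\(\s*PROTOCOL\s*=\s*tcps\s*\)/i.test(cs)) {
    throw new Error(`tenant ${tenant.id}: connect string must use tcps`);
  }
  return {
    user: tenant.user,
    password: secrets.get(`${tenant.id}/db-password`),
    connectString: cs,            // takes the place of a tnsnames.ora alias
    walletContent,                // takes the place of ewallet.pem on disk
    walletPassword: secrets.get(`${tenant.id}/wallet-password`),
  };
}

// Copy that is safe to log: secret-bearing attributes are masked.
function redact(attrs) {
  const masked = { ...attrs };
  for (const k of ['password', 'walletContent', 'walletPassword']) masked[k] = '[redacted]';
  return masked;
}

// Thin-mode connection; oracledb is loaded here so the helpers above run without it.
async function connectTenant(tenant, secrets) {
  const oracledb = require('oracledb');
  return oracledb.getConnection(buildTenantConnectAttrs(tenant, secrets));
}
```

Log `redact(attrs)` rather than the attributes themselves, so wallet content and passwords stay out of application logs.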