This section discusses how to connect a client application to Oracle Database in two ways: directly and through an HTTP tunnel. If you need to connect to Oracle Database in conditions of restricted connectivity, e.g. when a database server is hidden behind a firewall, or you need to transmit private network data through a public network, you can set up an HTTP tunnel to create a direct network link between two locations. The tunnel is created by an intermediary called a proxy server.
Direct connection implies that a client connects to a server through a directly connected network, without IP routing: you only need to specify the server address, port number, service name, and user credentials. This is also the fastest and preferred way to communicate with an Oracle server.
Code sample for a direct connection:
var OraSession: TOraSession; ... OraSession := TOraSession.Create(self); OraSession.Options.Direct := True; OraSession.Server := '220.127.116.11:1521/ORCL1020'; OraSession.Username := 'Scott'; OraSession.Password := 'Tiger'; OraSession.Connect;
When an Oracle server is hidden behind a firewall, the client is not able to connect to the server directly on a specified port. If your firewall allows HTTP connections, you can use ODAC with a properly configured web server to connect to the database server. ODAC supports HTTP tunneling based on the PHP script.
A possible scenario of using HTTP tunneling: the client needs to access the database of a website from a remote machine, but access to the designated port of the database server is forbidden - only connections on the HTTP port 80 are allowed. To establish a connection in this scenario, you must deploy the tunnel.php script, which is distributed with the provider package, on the web server. It enables access to the database server through an HTTP tunnel. The script must be accessible through HTTP. You can verify script accessibility using any web browser. The script file is located in the HTTP folder of the installed provider:
"%Program Files%\Devart\ODAC for RAD Studio XX\HTTP\tunnel.php". The only requirement to the server is support for PHP 5.
To connect to the database, you must set the
TOraSession parameters as you do for a direct connection, then set the
HttpOptions.Enabled property to
True, and set the following parameters, specific to the HTTP tunneling:
|HttpOptions.Url||Yes||The URL of the PHP script for HTTP tunneling. For example, if the script is is located in the root directory, the URL may look like this:
|HttpOptions.Username, HttpOptions.Password||No||The username and password for the password-protected directory that contains the HTTP tunneling script.|
The HTTP tunneling server may be not be directly accessible from the client machine, for example, the client address is
10.0.0.2 and the server address is
18.104.22.168:1521/ORCL1020. The client and server reside in different networks, so the client can only reach it through the proxy server at
10.0.0.1, which listens on port
808. In this case, in addition to
TOraSession.HttpOptions, you have to set values for
HttpOptions.ProxyOptions, for example:
var OraSession: TOraSession; ... OraSession := TOraSession.Create(self); OraSession.Options.Direct := True; OraSession.Server := '22.214.171.124:1521/ORCL1020'; OraSession.Username := 'Scott'; OraSession.Password := 'Tiger'; OraSession.HttpOptions.Enabled := True; OraSession.HttpOptions.Url := 'https://dac-tunnel.devart.com/tunnel1.php'; OraSession.HttpOptions.ProxyOptions.Hostname := '10.0.0.1'; OraSession.HttpOptions.ProxyOptions.Port := 808; OraSession.HttpOptions.ProxyOptions.Username := 'ProxyUser'; OraSession.HttpOptions.ProxyOptions.Password := 'ProxyPassword'; OraSession.Connect;
Note that setting the parameters for
OraSession.HttpOptions.ProxyOptions automatically enables the use of the proxy server.
tunnel.phpscript on your server to verify that the script has been properly installed.
TCRSSLIOHandler. The last component is required when connecting through HTTPS.
TCRSSLIOHandleris distributed with SecureBridge and is required for binding ODAC with SecureBridge. The installation instructions for the component are provided in
Readme.html, which is located by default in
"My Documents\Devart\ODAC for RAD Studio XX\Demos\TechnologySpecific\SecureBridge\DelphiXX."
TDBGridand set the
DataSourceproperty to an instance of
TDataSourcecomponent and set the
DataSetproperty to an instance of
TOraQueryand set the
Sessionproperty to an instance of
TOraSession. Double-click the component and enter an SQL statement to be executed against Oracle Database.
TButtonto switch to the code view. Add the code to call the
TOraQuerywhen the button is clicked.
TOraSessioncomponent. If you use an HTTPS tunnel, set the
CRSSLIOHandler1. Expand the
HttpOptionsand enter the URL of the
tunnel.phpscript on your server.
TOraSessioncomponent. Specify your server address, port, service name, username and password for the Oracle user. Click
Connectto test connection to the Oracle server.
F9to compile and run the project, and click the button to run the query against the database through HTTPS and display the data in the form.
There is one more way to tunnel network traffic. The Secure Shell forwarding, or SSH, can be used for data forwarding. HHowever, SSH is designed to encrypt traffic rather than traverse firewalls. The Connecting via SSH document describes how to set up an SSH connection in ODAC.
Keep in mind that traffic tunneling or encryption always increases the CPU usage and bandwidth utilization. It is recommended that you use direct connection whenever possible.