NJS-116 when sec_case_sensitive_logon = FALSE on 19c

[nicholas-ochoa]

Using node-oracledb 6.0.0 with Oracle DB 19c, I'm getting the error NJS-116: password verifier type 0x939 is not supported by node-oracledb in Thin mode when starting up using Thin mode. I can resolve it by using the instant client / thick mode, or by changing sec_case_sensitive_logon to be TRUE - however in our production system we currently have this value set to FALSE. I'm investigating the effort to change it, but it is likely to be rather large.

Will support for sec_case_sensitive_logon = FALSE be added to thin mode?

[anthony-tuininga]

I'll let @cjbj and @sharadraju confirm, but I believe that there is no intent to implement the insecure 10g password verifier in thin mode. I would recommend migrating to the 12g verifier which is substantially more secure.

[cjbj]

We definitely have no plans to support the 10g verifier, sorry.

For other readers, here are the solutions if NJS-116: password verifier type 0x939 is not supported by node-oracledb in Thin mode is encountered:

• If you’re connecting to Oracle Database 11gR2 or earlier, then use node-oracledb Thick mode, or upgrade the DB.
• For later DBs:
  • make sure the database initialization parameter sec_case_sensitive_logon is not FALSE. In SQL*Plus as SYSDBA, run show parameter sec_case_sensitive_logon to check the value.
    Note sec_case_sensitive_logon has been removed in Oracle Database 21c, see Force Upgraded Password File to be Case Sensitive in the Oracle Database Learning Database New Features Release 21c manual
  • Regenerate passwords e.g. run ALTER USER x IDENTIFIED BY y, if necessary