Oracle Database 23ai (23.7.0.25.01)
Oracle Database 23ai is one of the important releases of 2024. It is a long-term release with AI-related capabilities.
The purpose of this blog is to provide you with a quick peek into all the new capabilities that are included as part of the Oracle JDBC Thin Driver 23ai Release. This blog doesn’t go into details of any specific feature; instead, it serves as a reference guide to quickly gather the important features and navigate to the developer guide, blogs, videos, or GitHub repository to dive deep into any of the features that you want to explore. You can refer to JDBC, UCP, OJVM, and Open Source Projects Timeline for the summary of the 23ai release, and also read the technical brief What’s in Oracle Database 23ai for Java Developers for more details about the 23ai features.
AI for Data
Mission Critical Features
Multi-Cloud Features
Security Features
Ease of Development
Open Source Projects
AI for Data:
♦ AI Vector Search and Vector Datatype
Artificial Intelligence (AI) is powered by machines and these machines can understand only numbers. So, AI models generate embeddings which are the numerical representation of a piece of text (word, phrase, sentence, or paragraph) converted to number sequences. Embeddings make it easy for computers to understand the relationship between the pieces of text. The VECTOR data type is introduced in Oracle Database 23ai, to store vector embeddings alongside business data in the database. This helps Oracle AI Vector Search to do semantic search on unstructured data combined with the relational search on business data in one single system. The Oracle AI Vector Search and Vector embeddings power the RAG (Retrieval Augmented Generation) use case where the most up-to-date information is obtained by external sources, thus enhancing the accuracy and relevance.
The Oracle JDBC driver supports the VECTOR datatype (e.g., oracle.jdbc.OracleType.VECTOR,oracle.jdbc.OracleType.VECTOR_INT8,oracle.jdbc.OracleType.VECTOR_FLOAT32,oracle.jdbc.OracleType.VECTOR_FLOAT64 ) for storing and indexing vector embeddings for fast retrieval and similarity search. The Oracle JDBC driver also implements necessary API changes in DatabaseMetaData, OracleResultSetMetaData, OracleParameterMetaData, and VectorMetaData to support Oracle AI Vector Search.
Refer to 14 Working with Vectors chapter of the JDBC Developer’s Guide for examples and more details.
Mission Critical Features:
♦ Self-Driver Diagnosabillity
In the previous releases, Oracle debug jars (ojdbc8_g.jar, ojdbc8dms_g.jar,ojdbc11_g.jar, ojdbc11dms_g.jar) and DMS jars (ojdbc8dms.jar/ojdbc11dms.jar) were needed in the classpath to enable logging and capture logs to investigate an issue. This is no longer the case. Starting from 23ai, a single production jar, either ojdbc11.jar or ojdbc8.jar, is all you need for all the use cases (production, tracing, metrics). Make sure logging is turned on to capture the logs and also have dms.jar in the classpath for DMS debugging.
To enable easier diagnosis of failures that might occur only once or are hard to replicate, the Oracle JDBC driver records the critical execution state in memory and then dumps that recording of error. This enables self-driven diagnosability by capturing the important diagnostic details during the first occurrence of the error. It is enabled by default and you can choose to disable it via
-Doracle.jdbc.diagnostic.enableDiagnoseFirstFailure=false.
Refer to 39.1 Diagnosability in JDBC chapter of the JDBC Developer’s Guide for more details.
♦ True Cache Datasource
A True Cache instance is an in-memory, mostly diskless, fully functional, read-only replica of the primary Oracle database. It resides in the middle tier, collocated with the application. It is enabled at the JDBC level by setting the new oracle.jdbc.useTrueCacheDriverConnection property to true. Once enabled, the TrueCache data source creates a logical connection that can be used either against the TrueCache database instance or against the primary database.
Refer to 2.8 Support for Oracle True Cache chapter of JDBC Developer’s Guide for more details.
♦ Sharding Enhancements
Directory-Based Sharding: There are three types of sharding methods: system-managed, user-defined (list-based and range-based sharding), and composite sharding. User-defined sharding is designed for the use case where there is a small, mostly known static set of key values or value ranges (up to hundreds) that the user prefers to have specific location control over.
However, in the case of user-defined sharding, there are scenarios in which customers prefer to control the movement of sharding keys and ranges to achieve a better balance of data across shards. Example., dealership application. So, Directory-based sharding enables specifying the location of data records associated with any sharding key dynamically at runtime based on user preferences. The key location information is stored in a directory, which can hold a large set of key values in the hundreds of thousands along with shard and partition information. Users have the freedom to move individual key values from one location to another or make bulk movements to scale up or down, or for data and load balancing.
Sharding with JTA/XA Transaction in WebLogic Server: Sharding with JTA/XA transactions is supported when you configure UCP as a native data source in WebLogic Server. Java Enterprise Applications that use UCP native data source sharding APIs can obtain connections to the Oracle Sharded databases and participate in JTA/XA transactions managed by WebLogic Transaction Manager (TM).
Refer to 29 JDBC Support for Database Sharding of JDBC Developer’s Guide and 13.7 Sharding with JTA/XA Transaction in WebLogic Server of UCP Developer’s Guide for more details.
♦ Transparent Application Continuity (TAC) Enhancements
Support of Resumable Cursors:
Resumable cursors are long-running cursors that stay open outside of transactional work. These cursors are commonly used in batch processes. Starting from 23ai, Oracle JDBC Drivers support resumable cursors by default when using Transparent Application Continuity (TAC). This support increases the TAC protection coverage for applications as it establishes implicit request boundaries more often, even when such cursors are open.
Refer to 33.6.1 Support for Resumable Cursors chapter in the Oracle JDBC Developer’s Guide for more details.
Application Continuity (AC) support in the Oracle JDBC datasource:
Starting with the Oracle JDBC driver 23ai, all the driver data sources support Application Continuity. We recommend that you use oracle.jdbc.datasource.impl.OracleDataSource, although either of the older data sources, oracle.jdbc.replay.OracleDataSourceImpl or oracle.jdbc.pool.OracleDataSource, also works.
Refer to 33.1 About Configuring Oracle JDBC for Application Continuity for Java for more details.
Application Continuity (AC) support with DRCP:
Application Continuity (AC) is supported when the Database Resident Connection Pooling (DRCP) is enabled on the server side. For using AC with DRCP, you must configure an application service to a server that uses DRCP.
Refer to 33.3 Application Continuity with DRCP for more details.
Multi-Cloud Features:
♦ JDBC Support for Database Pipeline (using Reactive Prog and using RSI)
Pipelining is a form of network communication in which an application can send multiple requests to a database server without having to wait for a response. The database sends a response when the results of each query are ready. Pipelined database operations foster an asynchronous programming model and have the benefits of improved response time and better scalability. You can implement pipelining using Reactive Extensions APIs (executeUpdateAsyncOracle and executeQueryAsyncOracle) or using Reactive Streams Ingest (RSI) jar.
Refer to 26 Support for Pipelined Database Operations chapter of JDBC Developer’s Guide for code samples and more details.
♦ Built-in JDBC Config Providers (FileSystem, HTTPS)
In the multi-cloud environment, database information can reside in any centralized sources such as OCI Object Storage, OCI Vault, Azure App Config, or Azure Key Vault, etc., Oracle JDBC Providers offer a solution to effectively and securely access the database configuration or resources from these centralized sources. The solution is achieved through either using the built-in JDBC config providers or implementing custom providers by extending the Oracle JDBC providers (Refer to Oracle JDBC Driver Extensions v1.0.2 under Open source projects).
Starting from 23ai, the built-in JDBC configuration providers enable the applications to read database information from either a JSON document hosted on a file system or through an HTTPS endpoint like Oracle REST Data Services (ORDS). You do not require any additional jars to use this solution. All you need is Oracle JDBC driver 23ai (ojdbc8.jar or ojdbc11.jar) in the classpath and provide the configuration file path as part of the connection string as given in the samples below.
HTTPS configuration provider: jdbc:oracle:thin:@config-https://<URL>[?key=name&option1=value1]
Filesystem Configuration Provider: jdbc:oracle:thin:@config-file:{path-to-file}[?option list]
Refer to 10.1.4 Build-in Configuration Providers, the blog article, JDBC Configuration via App Config Providers and Vaults, and the video Episode 13: Oracle Database 23ai: JDBC Service Provider Extension: Centralized Config.
♦ Reactive Streams Ingest (RSI) – Data Loader mode
Starting from 23ai release, RSI introduced a new Data Load mode which is useful for executing a large INSERT batch to the database in one go. The key differences between the DataLoad and Streaming Modes are: (1) In DataLoad mode, the changes are not committed until the RSI instance is closed whereas in the default Streaming mode, the changes are committed regularly. (2) In DataLoad mode, each worker thread has its own JDBC connection, however, in the default streaming mode, the worker threads share a pool of JDBC connections. The Streaming mode is enabled by default and you must use useDataLoadMode to enable DataLoad mode in RSI.
Refer to 25.3 About Reactive Streams Ingestion (RSI) Modes for more details and code examples.
♦ Multi-Pool Support in Database Resident Connection Pool (DRCP)
Applications can use multiple named DRCP pools to better balance the connections across different services. The procedure DBMS_CONNECTION_POOL package lets you add or remove pooled servers. When there are multiple DRCP pools, specify (POOL_NAME=<pool_name>) in the connection string along with the (SERVER=POOLED) attribute to mark connections against this pool.
Refer to 28.4 Multi-Pool Support in DRCP for more details.
♦ Tagging Support in Database Resident Connection Pool (DRCP)
DRCP provides an option to associate a server process with a particular tag name which you can apply to a connection and retrieve the connection using that tag name. The connectin tagging enhances session pooling as it helps in retrieving specific sessions easily.
Refer to 28.5 Tagging Support in Database Resident Connection Pooling for more details.
♦ TFO Lib Installer (v23.4)
TCP Fast Open (TFO) is used when the client-side application is sensitive to network latency, and you want to decrease the network latency between the application and the database. You must enable TCP Fast Open before using it in your application, and also download the required TFO libraries.
For prerequisites and other details, refer to the JDBC Thin Connections with TCP Fast Open chapter of the “Using Oracle Autonomous Database Serverless” guide.
♦ Sessionless Transactions (v23.6)
Starting with 23.6, a Sessionless Transaction breaks the coupling between the transaction and the session. Once started, a sessionless transaction need not be tied to a session or a connection. Sessionless Transactions provide the flexibility to suspend and resume a transaction during its lifecycle without a transaction manager when communicating with a single Oracle Database. There are new APIs such as startTransaction(), suspendTransaction(), suspendTransactionImmediately(),executeUpdateAndSuspend(), resumeTransaction(), etc., that have been added in oracle.jdbc.OracleConnection to manage Sessionless Transactions. Sessionless Transactions are compatible with XA transactions and can be managed using the existing XAResource APIs. But, you will need to set a system property oracle.jdbc.XAThroughSessionlessTransactions=True to enable this functionality.
Refer to chapter 38. Sessionless Transactions for the detailed list of APIs and more information.
Security Features:
♦ EZConnect for LDAPS/LDAP
Easy Connect Plus (EZConnect Plus) is an enhanced connection URL where different connection properties related to multiple use cases, such as TLS, mTLS, Oracle Wallets, JKS, multiple hosts, connection timeouts, etc., can be passed as a name-value pair as part of the connection string. Starting from 23ai, the Easy Connect Plus (EZConnect Plus) URL supports LDAP and LDAPS protocols. The LDAP-related connection properties directory_server_type, wallet_location, authenticate_bind, and authenticate_bind_method can be passed as name-value pairs as part of the connection string.
Refer to 8.2.5.2 Support for LDAP and LDAPS chapter of JDBC Developer’s Guide for more details. Check out Oracle Database Easy Connect Plus to discover other capabilities of Easy Connect Plus URL.
♦ Radius 2FA
JDBC driver supports RADIUS two-factor authentication through challenge-response authentication, where the RADIUS server asks for a valid response to a displayed challenge. As you can guess, you must configure a handler with challenge-response authentication in the RADIUS server. This handler helps with validating the responses using a given hint.
Refer to 9.9.4 Support for Challenge-Response Authentication of JDBC Developer’s Guide for more details.
♦ Support for longer passwords
In the previous releases, the database password supported was 30 bytes. Starting with 23ai, the database password length has been increased to 1024 bytes. The Oracle JDBC driver supports these long passwords and accommodates the longer passwords used by Oracle Identity Cloud Services (IDCS) and Identity Access Management (IAM).
Refer to 8.5.1 Connection and Security chapter of JDBC Developer’s Guide for more details.
♦ Kerberos Authentication Enhancements
In previous releases, Kerberos authentication required instantiating the KerberosLoginModule or the availability of Ticket Granting Ticket (TGT) in the CredentialCache. Starting with 23ai, you can configure the Kerberos Principal and Password properties in the same way as you configure the user and password properties for simple authentication (O5Logon). The Oracle JDBC thin driver uses the default Kerberos login module bundled with Oracle JDK (com.sun.security.auth.module.Krb5LoginModule). However, you can override this behavior in your application to use JAAS configuration file.
Refer to 9.8.6 Kerberos Authentication Enhancements of JDBC Developer’s Guide for more details and code examples.
♦ Support for BEQ in JDBC-Thin
The Bequeath protocol allows the database client and the database server process residing on the same Linux host to communicate directly without the network layer and network listener. Starting with 23ai, the Oracle JDBC driver supports the Bequeath protocol by setting the values of ORACLE_HOME and ORACLE_SID through the connection string.
Refer to 2.8 Support for the Bequeath Protocol chapter in JDBC Developer’s Guide.
♦ Thumbprint-based certificate selection
For TLS connections, client certificates are used for authentication. The client certificates can be stored in an Oracle Wallet, Java Key Store (JKS), Microsoft Certificate Store (MCS), or Linux certs folder (/etc/ssl/certs). When multiple certificates are present, the correct client certificate for a connection is specified in two ways. (1) Using the certificate alias (oracle.net.ssl_certificate_alias) and (2) Using the certificate thumbprint (oracle.net.ssl_certificate_thumbprint). There are specific connection properties that you can specify to use these methods. You can refer to the complete list of SSL connection properties in the JDBC Javadoc.
Refer to 9.7.2 About Managing Certificates and Wallets in the JDBC Developer’s Guide for more details.
♦ Support for PEM files (v23.6)
Autonomous Database provides a downloadable wallet zip file, which consists of JKS files and tnsnames.ora, ojdbc.properties, Oracle Wallet-related files, and PEM files, etc.; Starting from 23.4, the JDBC Driver supports cwallet.sso and e-wallet.p12, and in 23.6, support for Privacy Enhanced Mail (PEM) (ewallet.pem) file is added in the JDBC driver. This means that customers can use PEM files for establishing connections to the ADBS. The PEM file with an encrypted private key and certificate chain needs a password to use. However, in scenarios of using the JDBC driver Extensions, it is possible to use unencrypted PEM files stored in a vault secret. The connection properties oracle.net.wallet_location and oracle.net.wallet_password can be used to provide a location for a PEM file and its password (optional).
Refer to 9.11 Support for PEM in JDBC of JDBC Developer’s Guide for more details.
♦ Support for TLSv1.3 (v23.6)
Starting from JDK8 (JDK8u341) and the latest JDK11 update, TLSv1.3 is auto-enabled. It is recommended that you do not configure the protocol version and let the JDK implementation choose the most secure version. If you must explicitly choose the protocol version, then you can use CONNECTION_PROPERTY_THIN_SSL_VERSION or system property (-Doracle.net.ssl_version="1.3", "1.2")or using the connection descriptor (SSL_VERSION=1.3) sent as part of the connection URL.
Refer to 9.7.4 Database Connectivity with TLS Version 1.3 Using the JDBC Thin Driver chapter of JDBC Developer’s Guide.
♦ Support for Caching SSLContext Instance (v23.6)
Starting from Oracle Database Release v23.6, the JDBC Thin driver supports caching SSLContext Instances that improve performance and support session resumption. In a TLS connection, SSLContextCache is queried for either wallet files or keystore files. If an SSLContext already exists for an identical SSLConfig, then the connection is returned. Otherwise, a new SSLContext is created, cached, and returned to the connection. The default size of the SSLContextCache is 15. If it reaches its maximum, then the least recently used entry is removed from the cache before adding a new entry. You can modify the cache size by using the oracle.net.sslContextCacheSize system property.
Refer to 9.7.6 Support for Default TLS Context chapter of JDBC Developer’s Guide for more details.
♦ SNI Support for TLS Connections (v23.7)
Starting from Oracle Database Release v23.7, the JDBC driver supports Server Name Indication (SNI). SNI is a TLS extension that is used to send an unencrypted target database service name (hostname) in a ClientHello message. The listener uses this information to hand off the requests to the database process, without performing the TLS handshake thus improving the performance.
Refer to 9.7.7 SNI Suppport for TLS Connections chapter of JDBC Developer’s guide for more details.
♦ OJVM Security Enhancements
The OJVM, i.e., the JVM in the database server now allows installing FIPS 140-2 Java classes, thereby making JsafeJCE the default cryptography provider.
Refer to 10.6 FIPS Support of OJVM Developer’s guide for more details.
Ease of Development:
♦ JDK Support – Overview
Refer to the table below for JDBC Driver vs JDK supported. The recommendation is to use the latest ojdbc17.jar and ucp17.jar
Oracle Database 23ai (23.6.0.24.10)
| Oracle JDBC Driver |
JDK supported & JDBC compliance |
| ojdbc17.jar & ucp17.jar |
Implements the JDBC 4.3 spec, compiled with JDK17, and certified with JDK17, JDK19, and JDK21. Compatible with the Jakarta APIs. |
| ojdbc11.jar & ucp11.jar |
Implements the JDBC 4.3 spec and compiled with JDK11 and certified with JDK11 and JDK21 |
| ojdbc8.jar & ucp.jar |
Implements JDBC 4.2 spec, compiled with JDK8, and certified with JDK8 and JDK11 |
♦ Relational-JSON Duality Views
Duality views combine the advantages of using JSON documents with those of the relational model while avoiding each model’s limitations. Data remains stored in relational tables but can be accessed by any application in the form of JSON documents. Developers can get the best of both the document model and the relational model. To access the relational data in JSON format, create one or several JSON-Relational Duality Views based on use cases, using either a SQL visual tool, a SQL CLI, or programmatically using JDBC Statement.execute(“ …”). For example., if a student’s schedule needs to be retrieved as JSON, then create the JSON-Relational Duality view for the student’s schedule to be retrieved as JSON object. By querying these JSON-Relational Duality Views, you can work directly with JSON documents.
Refer to JSON-Relational Duality Developer’s Guide for more details.
♦ Support for Native Boolean datatype
Starting from Release 23ai, Oracle Database supports the BOOLEAN data type in compliance with the ISO SQL standard. The JDBC Thin driver provides support for the newly introduced BOOLEAN data type, with the introduction of a new type BOOLEAN in oracle.jdbc.OracleType. When the setBoolean(x) or setObject(x) method is called, where x is a Java boolean, the value of x is sent using this new Boolean type representation
Refer to Supporting the BOOLEAN Data Type section under 4.5.5.7 Class oracle.jdbc.OracleTypes and 12.1 Data Type Mappings chapters of the Oracle Developer’s guide.
♦ Reactive Extensions for UCP
Starting from 23ai, UCP provides asynchronous extensions which is a set of methods that add asynchronous database access. The UCP reactive extension uses non-blocking mechanisms for creating connection objects, so your application immediately receives either a CompletableFuture or a Publisher of a connection to be borrowed. This is similar to the Oracle JDBC Reactive Extensions feature.
Refer to 11 UCP Asynchronous Extension chapter of the UCP Developer’s guide for more details and code examples.
Open Source Projects:
♦ Oracle Database Navigator IntelliJ Plugin v3.5.0 (Released on Feb 2025)
Database Navigator offers a comprehensive suite of tools for database development and management for IntelliJ IDEA developers. It has a highly capable SQL and PL/SQL editor for executing SQL, PL/SQL, scripts, browsing, and editing database objects. The plugin has advanced capabilities for managing different types of connections. The plugin also supports database compiler operations, method execution and debugging, and the creation of database objects while supporting Oracle, MySQL, SQLite, and PostgreSQL databases.
Refer to the release notes for a list of new features, such as “Select AI” integration, Token authentication, OJVM support, password storage in the native keychain, and many others added in the v3.5.0 release.
♦ Oracle OCI Toolkit Plugin v1.0.1 (Released on Aug 2024)
The Oracle Cloud Infrastructure (OCI) Toolkit was released to ease accessing the Oracle Autonomous Database through IntelliJ IDE. Java Developers can easily create or access any workload types (ATP, ADW, AJD) while staying in the IntelliJ IDE. The new features include AppStack support for the plugin which helps in deploying existing Java applications using serverless resources. Java users can create, delete, and apply app stack for Java instances. They can also view jobs for apply and re-apply while viewing the terraform logs for AppStack creation and apply. The plugin also supports a DevOps Dashboard which is used for viewing existing code repositories in a DevOps project and project-based features.
Refer to Oracle OCI Toolkit plugin home page for downloading the plugin. Also, check out the OCI Toolkit Plugin on the IntelliJ IDE YouTube video for instructions on how to use the plugin.
♦ Oracle JDBC Driver Extensions v1.0.2 (Released Jan 2025)
Starting with Oracle Database 23ai, to support centralized configuration in the distributed environment, JDBC drivers allow implementing custom service providers by extending the Oracle JDBC Providers based on your centralized configuration or resource provider. There are some pre-built configuration providers that you can leverage or build your own providers.
Method 1: Use these configuration providers that are built already and available on Central Maven to use.
Configuration Providers: ojdbc-provider-azure (for Azure App Configuration). Requires ojdbc-provider-common.
Resource Providers: ojdbc-provider-oci (for OCI Object Store). Requires ojdbc-provider-common.
Method 2: Build your own providers by extending the oracle.jdbc.spi.OracleConfigurationProvider interface and follow the Java SPI specification.
Refer to the GitHub ojdbc-extensions, chapter 10 JDBC Service Provider Extensions of JDBC developer guide, blog article, Into the Multi-Cloud Part 2: Oracle JDBC Extensions, Centralized Config Providers and Azure, and the video Episode 13: Oracle Database 23ai: JDBC Service Provider Extension: Centralized Config for more details.
♦ OpenTelemetryProvider
Open Telemetry is an observability framework designed to create and manage telemetry data, such as traces, metrics, and logs, in a multi-cloud environment. The module ojdbc-provider-opentelemetry is the provider for integrating Oracle JDBC and Open Telemetry. This provider implements the TraceEventListener interface provided by the JDBC driver which will be notified whenever events are generated in the driver and will publish these events into Open Telemetry. The events that are included are roundtrips to the database server, Application Continuity Begin and Success, and VIP down event. Refer to OpenTelemetry Github page for the attributes that are included for these events, for examples, and other details.
Refer to the blog Tracing a SpringBoot Application using Azure App Insight and Oracle JDBC Open Telemetry Provider for more details.
♦ Oracle R2DBC Driver v1.2.0
Oracle R2DBC Driver is a Java library that supports reactive programming with the Oracle Database. Oracle R2DBC implements the R2DBC Service Provider Interface (SPI) as specified by the Reactive Relational Database Connectivity (R2DBC) project. Reactive Streams is a standard for asynchronous, non-blocking, and back-pressured communication. This standard allows an R2DBC driver to interoperate with other reactive libraries and frameworks, such as Spring, Project Reactor, RxJava, and Akka Streams. Newer versions of R2DBC Driver will be released with every new release of R2DBC SPI.
Refer to its Github repository oracle-r2dbc for more details.
♦ Oracle Database Kubernetes Operator v1.1.0
Oracle Database Operator for Kubernetes (aka OraOperator) helps manage the lifecycle of single-instance databases, sharded databases, and Autonomous databases on shared infrastructure (ADB-S). New releases are rolled out almost twice per year. The latest version, v1.1.0, released in May 2024, has new enhancements to cover different use cases of sharding and ADB-S.
Refer to the GitHub repository oracle-database-operator and the blog #OraOperator goes Production for more details.
References:
What’s in Oracle Database 23ai for Java Developers?
Oracle JDBC Landing Page or navigate to www.oracle.com/jdbc
Oracle JDBC Download Page
Oracle JDBC Developer’s Guide
Oracle UCP Developer’s Guide