Oracle authentication method

 

 

certification_methods


1 Introduction

Oracle authenticates logins in two ways: authentication based on the operating system, and authentication based on Oracle itself.

The Oracle database implements authentication through three things working together: the password file pwdsid.ora, the parameter remote_login_passwordfile, and the parameter sqlnet.authentication_services, which is set in the sqlnet.ora file.

1.1 sqlnet

The behaviour differs between Windows and Linux/Unix environments:

Windows
  • SQLNET.AUTHENTICATION_SERVICES = (NTS): operating system based authentication;
  • SQLNET.AUTHENTICATION_SERVICES = (NONE): Oracle-based authentication;
  • SQLNET.AUTHENTICATION_SERVICES = (NONE, NTS): both coexist.
  • To use OS authentication, SQLNET.AUTHENTICATION_SERVICES must be set to NTS or ALL; if it is not set, or is set to any other value, OS authentication cannot be used.
Linux/Unix
On Linux, when SQLNET.AUTHENTICATION_SERVICES is
  • ALL, or not set: OS authentication is used;
  • NONE or NTS: Oracle password authentication is used.

1.2 Remote_login_passwordfile

This parameter takes one of three values: NONE, EXCLUSIVE, SHARED

  • NONE: the password file is not used; operating system authentication is used;
  • EXCLUSIVE: password file authentication, but only one database instance can use the file;
  • SHARED: password file authentication; more than one database instance can use the file, but with this setting only the SYS account is recognized. Even if other users' information exists in the file, they are not allowed to log in as SYSOPER / SYSDBA.

1.3 Using the two together

  1. Operating system authentication

With sqlnet.authentication_services = (NTS) and Remote_login_passwordfile = (NONE), operating system authentication is used.

When a user in the oracle_dba group logs in to the local operating system and runs:

    sqlplus /nolog
    SQL> conn / as sysdba

the login as sysdba succeeds and the database can be operated. When logged in remotely, running:

    sqlplus /nolog
    SQL> conn / as sysdba

displays:

    ERROR: ORA-01031: insufficient privileges

That is, remote login as sysdba is not allowed, which is why OS authentication is also called the local authentication method.

  2. Password file authentication

With sqlnet.authentication_services = (NONE) and Remote_login_passwordfile = (EXCLUSIVE) | (SHARED), together with the password file PWDsid.ora, password file authentication is used. Change to the dbs directory and run orapwd (this sets the SYS password):

    cd $ORACLE_HOME/dbs
    orapwd file=orapwdora password=abc123 entries=10 ignorecase=n

The ignorecase parameter sets the case sensitivity of the SYSDBA password.

When a local user in the oracle_dba group logs in to the system and runs:

    SQL> conn / as sysdba

the result is:

    ERROR: ORA-01031: insufficient privileges

Running the following, either locally or remotely:

    sqlplus /nolog
    SQL> conn sys/password@service_name as sysdba

logs in to the system. That is, password file authentication allows users to log in as sysdba from the local machine or remotely, but a password must be provided.

  3. Operating system authentication together with password file authentication

With sqlnet.authentication_services = (NTS) and Remote_login_passwordfile = (EXCLUSIVE) | (SHARED), together with the password file PWDsid.ora, operating system authentication and password file authentication are both in effect. When a user in the oracle_dba group logs in to the local operating system and runs:

    sqlplus /nolog
    SQL> conn / as sysdba

the login succeeds, that is, operating system authentication works. When working remotely:

    sqlplus /nolog
    SQL> conn sys/password@service_name as sysdba

also logs in to the database normally, that is, password file authentication works.

Note
Distinguish between the following login modes:
1: conn / as sysdba: login on the local machine, uses operating system authentication, works with or without a listener
2: conn sys/password as sysdba: login on the local machine, uses password file authentication, works with or without a listener
3: conn sys/password@dbanote as sysdba: works on the local machine or remotely, uses password file authentication; there must be a listener, there must be a tnsnames.ora, and remote_login_passwordfile must be EXCLUSIVE
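
The rules from sections 1.1 to 1.3 can be turned into a configuration check that reports which SYSDBA login modes a given sqlnet.ora and remote_login_passwordfile value allow. This is an added example, not code from the original post: the function names and sample files are hypothetical, and the logic encodes the rules as stated on this page rather than Oracle's documented behaviour for any particular version.

```python
import re

# Active (not '#'-commented) SQLNET.AUTHENTICATION_SERVICES line; parentheses optional.
_KEY = re.compile(
    r"^[ \t]*SQLNET\.AUTHENTICATION_SERVICES[ \t]*=[ \t]*\(?([^)#\n]*)",
    re.IGNORECASE | re.MULTILINE,
)

def parse_auth_services(sqlnet_text):
    """Return the configured values upper-cased, or None when the key is not set."""
    m = _KEY.search(sqlnet_text)
    if m is None:
        return None
    return [v.strip().upper() for v in m.group(1).split(",") if v.strip()]

def login_modes(platform, services, remote_login_passwordfile):
    """Apply the rules of sections 1.1-1.3; platform is "windows" or "unix"."""
    if platform == "windows":
        # Windows: OS authentication only when NTS or ALL is listed.
        os_auth = services is not None and bool({"NTS", "ALL"} & set(services))
    else:
        # Linux/Unix: OS authentication when the key is unset or ALL is listed.
        os_auth = services is None or "ALL" in services
    rlpf = remote_login_passwordfile.upper()
    return {
        "conn / as sysdba": os_auth,
        "conn sys/password as sysdba": rlpf in ("EXCLUSIVE", "SHARED"),
        "password file limited to SYS": rlpf == "SHARED",
    }

# Constructed sample sqlnet.ora contents (not taken from a real system).
SAMPLE_WINDOWS = """# sqlnet.ora
#SQLNET.AUTHENTICATION_SERVICES = (NONE)
sqlnet.authentication_services = (NONE, NTS)
"""
SAMPLE_UNIX = "NAMES.DIRECTORY_PATH = (TNSNAMES)\nSQLNET.AUTHENTICATION_SERVICES = (NONE)\n"

if __name__ == "__main__":
    cases = [("windows", SAMPLE_WINDOWS, "EXCLUSIVE"),
             ("unix", SAMPLE_UNIX, "SHARED"),
             ("unix", "", "NONE")]  # empty file: key not set
    for plat, text, rlpf in cases:
        services = parse_auth_services(text)
        print(plat, services, rlpf, login_modes(plat, services, rlpf))
```

A result where "conn / as sysdba" is true means any OS account in the DBA group gets SYSDBA without a database password, so membership of that group is worth reviewing alongside this setting.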

Author: halberd.lee

Created: 2019-08-21 Wed 16:54


Origin www.cnblogs.com/halberd-lee/p/11389728.html