Oracle wallet實現(xiàn)無需輸入用戶名與密碼登陸數(shù)據(jù)庫

oracle 10G前,我們在SHELL或JDBC中連接數(shù)據(jù)庫時,都需要輸入用戶名與密碼,并且都是明文。從1OGR2開始,ORACLE提供wallet這個工具,可以實現(xiàn)無需輸入用戶名與密碼就可以登陸數(shù)據(jù)庫,如下: 一般情況:sqlplus scott/Oracle@htzdg 用wallet后:sqlplus /@ht

在Oracle 10G前,我們在SHELL或JDBC中連接數(shù)據(jù)庫時,都需要輸入用戶名與密碼,并且都是明文。從1OGR2開始,ORACLE提供wallet這個工具,可以實現(xiàn)無需輸入用戶名與密碼就可以登陸數(shù)據(jù)庫,如下:

一般情況:sqlplus scott/Oracle@htzdg

用wallet后:sqlplus /@htzdg

測試環(huán)境:

server :solaris 10,Oracle 11gr2

client :win 7,Oracle11gr2

登陸端配置tnsnames.ora文件,增加下面幾行

HTZDG =
? (DESCRIPTION =
??? (ADDRESS_LIST =
????? (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.100.30)(PORT = 1521))
??? )
??? (CONNECT_DATA =
????? (SERVER = DEDICATED)
????? (SERVICE_NAME = htzdg)
??? )
? )
測試是否可以正常解析

C:Usersluoping>tnsping htzdg

TNS Ping Utility for 32-bit Windows: Version 11.2.0.1.0 – Production on 29-8月 –
2012 21:40:40

Copyright (c) 1997, 2010, Oracle.? All rights reserved.

已使用的參數(shù)文件:
D:appluopingproduct11.2.0client_1networkadminsqlnet.ora

已使用 TNSNAMES 適配器來解析別名
嘗試連接 (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.1
68.100.30)(PORT = 1521))) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = h
tzdg)))
OK (40 毫秒)

C:Usersluoping>
下面是開始配置wallet

??? 1,創(chuàng)建一個wallet
D:appluopingproduct11.2.0client_1BIN>mkstore -wrl D:appluopingproduct11.2.0client_1pstore -create
Oracle Secret Store Tool: 版本 11.2.0.1.0 – Production
版權(quán)所有 (c) 2004, 2009, Oracle 和/或其子公司。保留所有權(quán)利。
輸入口令:
再次輸入口令:
D:appluopingproduct11.2.0client_1BIN>cd ../
D:appluopingproduct11.2.0client_1>cd pstore
D:appluopingproduct11.2.0client_1pstore>dir
驅(qū)動器 D 中的卷是 DATA
卷的序列號是 D60C-09BD
D:appluopingproduct11.2.0client_1pstore 的目錄
2012/08/29? 15:39???

????????? .
2012/08/29? 15:39??? ????????? ..
2012/08/29? 15:39???????????? 3,589 cwallet.sso
2012/08/29? 15:39???????????? 3,512 ewallet.p12
?????????????? 2 個文件????????? 7,101 字節(jié)
?????????????? 2 個目錄 368,717,893,632 可用字節(jié)
?? 2,啟動wallet與指定wallet位置

D:appluopingproduct11.2.0client_1networkadmin>more sqlnet.ora
# sqlnet.ora Network Configuration File: D:appluopingproduct11.2.0client_1
networkadminsqlnet.ora
# Generated by Oracle configuration tools.

# This file is actually generated by netca. But if customers choose to
# install “Software Only”, this file wont exist and without the native
# authentication, they will not be able to connect to the database on NT.

SQLNET.AUTHENTICATION_SERVICES= (NTS)

NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
WALLET_LOCATION=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=D:appluopingproduct11.2.0client_1pstore)))
SQLNET.WALLET_OVERRIDE=TRUE
???? 3,增加需要登陸的網(wǎng)絡(luò)服務(wù)名,用戶,密碼到wallet中

D:appluopingproduct11.2.0client_1BIN>mkstore -wrl D:appluopingproduct1
1.2.0client_1pstore -createCredential htzdg sys Oracle
Oracle Secret Store Tool: 版本 11.2.0.1.0 – Production
版權(quán)所有 (c) 2004, 2009, Oracle 和/或其子公司。保留所有權(quán)利。

輸入 Wallet 口令:

Create credential Oracle.security.client.connect_string1
???? 4,測試是否成功

D:appluopingproduct11.2.0client_1BIN>sqlplus /@htzdg as sysdba

SQL*Plus: Release 11.2.0.1.0 Production on 星期三 8月 29 17:48:27 2012

Copyright (c) 1982, 2010, Oracle.? All rights reserved.

連接到:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 – 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL>
??? 5,查看wallet中配置的網(wǎng)絡(luò)服務(wù)名

D:appluopingproduct11.2.0client_1BIN>mkstore -wrl d:appluopingproduct1
1.2.0client_1pstore -listCredential
Oracle Secret Store Tool: 版本 11.2.0.1.0 – Production
版權(quán)所有 (c) 2004, 2009, Oracle 和/或其子公司。保留所有權(quán)利。

輸入 Wallet 口令:

List credential (index: connect_string username)
1: htzdg sys
??? 6,一個網(wǎng)絡(luò)服務(wù)名,只能對應(yīng)一個用戶,如果相同的數(shù)據(jù)庫有多少用戶需要在同一個client通過wallet實現(xiàn)時,我們需要每一個用戶,創(chuàng)建一個網(wǎng)絡(luò)服務(wù)名。

??? 下面是測試一個網(wǎng)絡(luò)服務(wù)名,相增加兩個用戶時,報錯。

C:Usersluoping>mkstore -wrl D:appluopingproduct11.2.0client_1pstore -cre
ateCredential htzdg scott Oracle
Oracle Secret Store Tool: 版本 11.2.0.1.0 – Production
版權(quán)所有 (c) 2004, 2009, Oracle 和/或其子公司。保留所有權(quán)利。

輸入 Wallet 口令:

Create credential 出現(xiàn)密鑰存儲錯誤: Oracle.security.pki.OracleSecretStoreExcepti
on: Credential already exists
???? 7,當(dāng)密碼修改后,要手動更新wallet中相應(yīng)的密碼。不然要報錯的。

D:appluopingproduct11.2.0client_1BIN>sqlplus /@htzdg as sysdba

SQL*Plus: Release 11.2.0.1.0 Production on 星期三 8月 29 17:45:56 2012

Copyright (c) 1982, 2010, Oracle.? All rights reserved.

連接到:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 – 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL>
SQL> alter user sys identified by htz;

用戶已更改。

SQL> exit
從 Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 – 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options 斷

D:appluopingproduct11.2.0client_1BIN>sqlplus /@htzdg as sysdba

SQL*Plus: Release 11.2.0.1.0 Production on 星期三 8月 29 17:46:25 2012

Copyright (c) 1982, 2010, Oracle.? All rights reserved.

ERROR:
ORA-01017: invalid username/password; logon denied

請輸入用戶名:

D:appluopingproduct11.2.0client_1BIN>mkstore -wrl D:appluopingproduct1
1.2.0client_1pstore -modifyCredential htzdg sys
Oracle Secret Store Tool: 版本 11.2.0.1.0 – Production
版權(quán)所有 (c) 2004, 2009, Oracle 和/或其子公司。保留所有權(quán)利。

命令行中缺少您的密鑰/口令
請輸入您的密鑰/口令:

請重新輸入您的密鑰/口令:

輸入 Wallet 口令:

Modify credential
Modify 1

D:appluopingproduct11.2.0client_1BIN>

D:appluopingproduct11.2.0client_1BIN>mkstore -wrl D:appluopingproduct1
1.2.0client_1pstore -modifyCredential htzdg sys
Oracle Secret Store Tool: 版本 11.2.0.1.0 – Production
版權(quán)所有 (c) 2004, 2009, Oracle 和/或其子公司。保留所有權(quán)利。

命令行中缺少您的密鑰/口令
請輸入您的密鑰/口令:

請重新輸入您的密鑰/口令:

輸入 Wallet 口令:

Modify credential
Modify 1

D:appluopingproduct11.2.0client_1BIN>
D:appluopingproduct11.2.0client_1BIN>sqlplus /@htzdg as sysdba

SQL*Plus: Release 11.2.0.1.0 Production on 星期三 8月 29 17:48:27 2012

Copyright (c) 1982, 2010, Oracle.? All rights reserved.

連接到:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 – 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL>
???? 8,手動刪除wallet中的記錄

D:appluopingproduct11.2.0client_1BIN>mkstore -wrl d:appluopingproduct1
1.2.0client_1pstore -deleteCredential htzdg
Oracle Secret Store Tool: 版本 11.2.0.1.0 – Production
版權(quán)所有 (c) 2004, 2009, Oracle 和/或其子公司。保留所有權(quán)利。

輸入 Wallet 口令:

Delete credential
Delete 1
???? 9,mkstore命令幫忙手冊

D:appluopingproduct11.2.0client_1BIN>mkstore
Oracle Secret Store Tool: 版本 11.2.0.1.0 – Production
版權(quán)所有 (c) 2004, 2009, Oracle 和/或其子公司。保留所有權(quán)利。

mkstore [-wrl wrl] [-create] [-createSSO] [-createLSSO] [-createALO] [-delete] [
-deleteSSO] [-list] [-createEntry alias secret] [-viewEntry alias] [-modifyEntry
alias secret] [-deleteEntry alias] [-createCredential connect_string username p
assword] [-listCredential] [-modifyCredential connect_string username password]
[-deleteCredential connect_string] [-help] [-nologo]

? 版權(quán)聲明
THE END
喜歡就支持一下吧
點贊15 分享