OracleWallet初探

Oracle Wallet初探

目前累計服務(wù)客戶千余家，積累了豐富的產(chǎn)品開發(fā)及服務(wù)經(jīng)驗。以網(wǎng)站設(shè)計水平和技術(shù)實力，樹立企業(yè)形象，為客戶提供成都做網(wǎng)站、網(wǎng)站設(shè)計、網(wǎng)站策劃、網(wǎng)頁設(shè)計、網(wǎng)絡(luò)營銷、VI設(shè)計、網(wǎng)站改版、漏洞修補(bǔ)等服務(wù)。成都創(chuàng)新互聯(lián)始終以務(wù)實、誠信為根本，不斷創(chuàng)新和提高建站品質(zhì)，通過對領(lǐng)先技術(shù)的掌握、對創(chuàng)意設(shè)計的研究、對客戶形象的視覺傳遞、對應(yīng)用系統(tǒng)的結(jié)合，為客戶提供更好的一站式互聯(lián)網(wǎng)解決方案，攜手廣大客戶，共同發(fā)展進(jìn)步。

1.  什么是Wallet

A datastructure used to store and manage security credentials for an individualentity.

從Oracle10gR2開始, 通過使用Oracle Wallet達(dá)到用戶不使用密碼登錄數(shù)據(jù)庫(非操作系統(tǒng)認(rèn)證方式),這對于用腳本登錄數(shù)據(jù)庫進(jìn)行操作來說是非常有用的；尤其對于企業(yè)安全要求很高，不希望用戶名和密碼明文存在配置文件中，而且對于密碼的維護(hù)是極為方便的，比如我把wallet放在指定路徑下，當(dāng)修改密碼時，只需統(tǒng)一覆蓋wallet即可，對于有大量應(yīng)用服務(wù)器尤為方便。

2.  Wallet的創(chuàng)建和管理

1.創(chuàng)建wallet

[oracle@daidai ~]$ mkdir -p/tmp/test_wallet

[oracle@daidai ~]$ mkstore-wrl /tmp/test_wallet –create

[oracle@daidai ~]$ cd /tmp/test_wallet/

[oracle@daidai test_wallet]$ ls

cwallet.sso  ewallet.p12

配置連接串tnsnames.ora

WALLET_OCP11G =

 (DESCRIPTION =

   (ADDRESS = (PROTOCOL = TCP)(HOST = daidai.com)(PORT = 1522))

   (CONNECT_DATA =

     (SERVER = DEDICATED)

     (SERVICE_NAME = ocp11g)

    )

  )

配置sqlnet.ora

WALLET_LOCATION=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/tmp/test_wallet)))

SQLNET.WALLET_OVERRIDE = TRUE

把登入數(shù)據(jù)庫的用戶認(rèn)證信息添加到wallet中

[oracle@daidai ~]$ mkstore --help

Oracle Secret Store Tool : Version11.2.0.4.0 - Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

 

No wallet location specified.

mkstore [-wrl wrl] [-create] [-createSSO][-createLSSO] [-createALO] [-delete] [-deleteSSO] [-list] [-createEntry aliassecret] [-viewEntry alias] [-modifyEntry alias secret] [-deleteEntry alias] [-createCredential connect_string username password][-listCredential] [-modifyCredential connect_string username password][-deleteCredential connect_string] [-help] [-nologo]

[oracle@daidai ~]$ mkstore-wrl /tmp/test_wallet -createCredential wallet_ocp11g daidai love8013

Oracle Secret Store Tool : Version11.2.0.4.0 - Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

 

Enter wallet password:l         3

  

Create credential oracle.security.client.connect_string1

測試連接

至此，就可以使用wallet連接

[oracle@daidai ~]$ sqlplus/@wallet_ocp11g

 

SQL*Plus: Release 11.2.0.4.0 Production onTue Jun 14 14:47:49 2016

 

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

 

 

Connected to:

Oracle Database 11g Enterprise EditionRelease 11.2.0.4.0 - 64bit Production

With the Partitioning, OLAP, Data Miningand Real Application Testing options

 

SQL>

2.管理wallet

管理wallet同樣適用mkstore命令

查看Credential

[oracle@daidai ~]$ mkstore-wrl /tmp/test_wallet -listCredential

Oracle Secret Store Tool : Version11.2.0.4.0 - Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

 

Enter wallet password:love801   3

  

List credential (index: connect_stringusername)

1: wallet_ocp11g daidai

修改wallet中用戶密碼

[oracle@daidai ~]$ mkstore-wrl /tmp/test_wallet -modifyCredential wallet_ocp11g daidai love8014

Oracle Secret Store Tool : Version11.2.0.4.0 - Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

 

Enter wallet password:love80    

  

Modify credential

Modify 1

[oracle@daidai ~]$ sqlplus @/wallet_ocp11g

 

SQL*Plus: Release 11.2.0.4.0 Production onTue Jun 14 14:58:35 2016

 

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

 

SP2-0310: unable to openfile "/wallet_ocp11g.sql"

Enter user-name: daidai

Enter password:--此處輸入正確密碼則進(jìn)入，錯誤密碼則不進(jìn)入

刪除wallet的用戶認(rèn)證信息

[oracle@daidai ~]$ mkstore -wrl/tmp/test_wallet -listCredential

Oracle Secret Store Tool : Version11.2.0.4.0 - Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

 

Enter wallet password:lov   e8  

  

List credential (index: connect_stringusername)

1: wallet_ocp11g daidai

[oracle@daidai ~]$ mkstore-wrl /tmp/test_wallet -deleteCredential wallet_ocp11g

Oracle Secret Store Tool : Version11.2.0.4.0 - Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

 

Enter wallet password: ove801   3

  

Delete credential

Delete 1

查看wallet詳細(xì)認(rèn)證信息

[oracle@daidai ~]$ mkstore-wrl /tmp/test_wallet -list

Oracle Secret Store Tool : Version11.2.0.4.0 - Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

 

Enter wallet password:l  e8  013

  

Oracle Secret Store entries:

oracle.security.client.connect_string1

oracle.security.client.password1

oracle.security.client.username1

[oracle@daidai ~]$mkstore-wrl /tmp/test_wallet -viewEntry oracle.security.client.connect_string1

Oracle Secret Store Tool : Version11.2.0.4.0 - Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

 

Enter wallet password:lo   ve8  

  

oracle.security.client.connect_string1 =wallet_ocp11g

更改wallet里用戶認(rèn)證信息的內(nèi)容

mkstore -wrl/tmp/test_wallet -modifyEntry oracle.security.client.password1skatepwd1

mkstore -wrl/tmp/test_wallet -modifyEntry oracle.security.client.username1skate1

3.  遷移linux wallet至window 7

1. 按照linux中的樣式修改tnsname.ora[IP & port]和sqlnet.ora[walletpath]，注意測試連通性

2. mkstore -wrl e:/test_wallet –create

3. 拷貝出linux中wallet文件覆蓋windows中的wallet文件

windows遷移至linux，我沒有測試。

名稱欄目：OracleWallet初探
文章鏈接：http://muchs.cn/article10/igegdo.html

成都網(wǎng)站建設(shè)公司_創(chuàng)新互聯(lián)，為您提供網(wǎng)站維護(hù)、服務(wù)器托管、標(biāo)簽優(yōu)化、電子商務(wù)、營銷型網(wǎng)站建設(shè)、網(wǎng)站制作

廣告

聲明：本網(wǎng)站發(fā)布的內(nèi)容（圖片、視頻和文字）以用戶投稿、用戶轉(zhuǎn)載內(nèi)容為主，如果涉及侵權(quán)請盡快告知，我們將會在第一時間刪除。文章觀點(diǎn)不代表本網(wǎng)站立場，如需處理請聯(lián)系客服。電話：028-86922220；郵箱：631063699@qq.com。內(nèi)容未經(jīng)允許不得轉(zhuǎn)載，或轉(zhuǎn)載時需注明來源： 創(chuàng)新互聯(lián)