oracle10g_security wallet

来源:网络 责任编辑:栏目编辑 发表时间:2013-07-01 19:50 点击:

043 security wallet
three type wallets in the oracle database
#######################################
first: simplify_wallet
#######################################
1)create a wallet directory
[oracle@station60 orcl]$ pwd
/u01/app/oracle/admin/orcl
[oracle@station60 orcl]$ mkdir wallet
2)create a wallet key in the sqlplus.
SQL> conn /as sysdba;
Connected.
SQL> alter system set encryption key identified by "oracle456";
System altered.
SQL> alter system set encryption wallet open identified by "oracle456";
alter system set encryption wallet open identified by "oracle456"
*
ERROR at line 1:
ORA-28354: wallet already open
3)the wallet directory wolud be produce the file autoly
[oracle@station60 wallet]$ ls
ewallet.p12
[oracle@station60 orcl]$ ls
adump  bdump  cdump  dpdump  pfile  udump  wallet
4)create a encrypt table
SQL> conn /as sysdba;
Connected.
SQL> create table t04315_b(a number, b varchar2(20) encrypt);
Table created.
SQL> insert into t04315_b values(1,'success');
1 row created.
SQL> commit; 
Commit complete.
5)check the wallet encryption function
SQL> conn /as sysdba;
Connected.
SQL> alter system set encryption wallet close;
System altered.
SQL> conn hr/hr
Connected.
SQL> select * from t04315_b;
select * from t04315_b
              *
ERROR at line 1:
ORA-28365: wallet is not open
6)encryption crash stuation
if you delete the ewallet.p12 in the wallet,then the encrypt table would
be disappear forever.therefore, dba must be careful.
SQL> conn /as sysdba;
Connected.
SQL> alter system set encryption wallet open identified by "oracle456";
alter system set encryption wallet open identified by "oracle456"
*
ERROR at line 1:
ORA-28367: wallet does not exist
SQL> select * from hr.t04315_b;
select * from hr.t04315_b
                 *
ERROR at line 1:
ORA-28365: wallet is not open
########################################
second: global wallet
########################################
1)create the wallet directory
[oracle@station60 orcl]$ pwd
/u01/app/oracle/wallet/orcl
2)create wallet file by Graphical User Interface(GUI)
[root@station60 ~]# xhost +
access control disabled, clients can connect from any host
[root@station60 ~]# su - oracle
[oracle@station60 ~]$ owm
#####input the password and select the place to save. no certificate.
Done.
[oracle@station60 ~]$ cd /u01/app/oracle/wallet/orcl
[oracle@station60 orcl]$ ls
ewallet.p12
3)modify the sqlnet.ora
[oracle@station60 orcl]$ cd $TNS_ADMIN
[oracle@station60 admin]$ cat sqlnet.ora
sqlnet.wallet_override=true
encryption_wallet_location=(source=(method=file)(method_data=(directory=/u01/app/oracle/wallet/orcl)))           
#####it is a raw without 'enter'
SQL> shutdown immediate
SQL> startup     
#####startup force is danager,use it carefully
4)check the wallet
SQL> conn /as sysdba;
Connected.
SQL> alter system set encryption key identified by "oracle456";
System altered.
SQL> alter system set encryption wallet open identified by "oracle456";
System altered.
SQL> conn hr/hr
Connected.
SQL> create table t04315_a1(a number);

    发表评论
    请自觉遵守互联网相关的政策法规,严禁发布色情、暴力、反动的言论。
    用户名: 验证码:点击我更换图片
    最新评论 更多>>

    推荐热点

    • Table函数使用简介
    • Oracle数据库Constraint约束的常用操作及异常处理
    • Bulk Collect性能分析(zz)
    • export/import的使用
    • OCP043第十五讲 Database Security
    • ORACLE10gr2数据导入MySQL方案
    • oracle 让sys用户可以使用isqlplus
    • 在oracle数据库下使用iSQL*Plus DBA访问数据库
    • Oracle行列转换小结
    网站首页 - 友情链接 - 网站地图 - TAG标签 - RSS订阅 - 内容搜索
    Copyright © 2008-2015 计算机技术学习交流网. 版权所有

    豫ICP备11007008号-1