ORACLE 初始化参数OS_AUTHENT_PREFIX、REMOTE_OS_AUTHENT
2013-06-04 15:28
363 查看
Property | Description |
---|---|
Parameter type | String |
Syntax | OS_AUTHENT_PREFIX = authentication_prefix |
Default value | OPS$ |
Modifiable | No |
OS_AUTHENT_PREFIXspecifies a prefix that Oracle uses to authenticate
users attempting to connect to the server. Oracle concatenates the value of this parameter to the beginning of the user's operating system account name and password. When a connection request is attempted, Oracle compares the prefixed username with Oracle
usernames in the database.
The default value of this parameter is
OPS$for backward compatibility with previous versions. However, you might prefer to set the prefix value to "" (a null string), thereby eliminating the addition of any prefix to operating
system account names.
OS_AUTHENT_PREFIX指定了Oracle用于验证用户尝试连接到服务器的前缀。Oracle连接此参数值到用户操作系统账号和密码的开头。当请求一个连接时,Oracle将比较连接用户名前缀和Oracle数据库中名称的前缀。该参数默认值为OPS$,为了和早先版本向后兼容。然而,可能更适合将前缀设置为"" (空字符),从而消除了任何前缀操作系统账号名称的增加。(通过操作系统用户认证的方式访问数据库,对应的数据库中的用户需要启动外部验证。这样的话操作系统用户就可以直接执行sqlplus
/ 来访问数据库,而不需要输入用户名和密码了)
Note:
The text of the
OS_AUTHENT_PREFIXparameter
is case sensitive on some operating systems.
OCP试题中有一道题,考察此知识点:
The database instance has the following parameter setting:
OS_AUTHENT_PREFIX = OPS$
OS_ROLES = FALSE
REMOTE_OS_AUTHENT = FALSE
REMOTE_OS_ROLES = FALSE
TIMED_OS_STATISTICS = 0
You have a local operating system user SKD. You create a database user OPS$SKD, and then
assign external authentication. The user OPS$SKD has the CREATE SESSION privilege.
Whatwould you achieve by the above process?
A.The database user OPS$SKD will be able to administer the database.
B.The authentication detail for the database user OPS$SKD is recorded in the password file.
C.The local operating system user SKD will be able to access the database instance withoutspecifying the username and password.
D.The database user OPS$SKD has to login with the password of the local operating system user SKD to access the database instance.
The answer is C
实验:
SQL> select * from v$version;
BANNER
--------------------------------------------------------------------------------
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production
PL/SQL Release 11.2.0.1.0 - Production
CORE 11.2.0.1.0 Production
TNS for Linux: Version 11.2.0.1.0 - Production
NLSRTL Version 11.2.0.1.0 - Production
[oracle@yjgocp ~]$ sqlplus / as sysdba
SQL*Plus: Release 11.2.0.1.0 Production on Thu Jun 6 10:34:25 2013
Copyright (c) 1982, 2009, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> show parameter os_auth
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
os_authent_prefix string OPS$
remote_os_authent boolean FALSE
--创建ops$开头的用户,并启用外部验证;
SQL> create user ops$oracle identified byexternally;
User created.
SQL> select username,password,account_status from dba_users;
USERNAME PASSWORD ACCOUNT_STATUS
------------------------------ ------------------------------ --------------------------------
RC_OCP OPEN
U_TP6 OPEN
V_USER1 OPEN
U_1 OPEN
GYJ OPEN
SCOTT OPEN
OPS$ORACLE OPEN
SQL> grant connect to ops$oracle;
Grant succeeded.
SQL> shutdown immediate;
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> startup;
ORACLE instance started.
Total System Global Area 422670336 bytes
Fixed Size 1336960 bytes
Variable Size 348129664 bytes
Database Buffers 67108864 bytes
Redo Buffers 6094848 bytes
Database mounted.
Database opened.
[oracle@yjgocp ~]$ id
uid=500(oracle) gid=500(oinstall) groups=500(oinstall),501(dba)
[oracle@yjgocp ~]$ sqlplus /
SQL*Plus: Release 11.2.0.1.0 Production on Thu Jun 6 10:32:10 2013
Copyright (c) 1982, 2009, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> show user;
USER is "OPS$ORACLE"
REMOTE_OS_AUTHENT
Property | Description |
---|---|
Parameter type | Boolean |
Default value | false |
Modifiable | No |
Range of values | true | false |
REMOTE_OS_AUTHENTspecifies whether remote clients will be authenticated
with the value of the
OS_AUTHENT_PREFIXparameter.
Note:
The
REMOTE_OS_AUTHENTparameter is deprecated. It is retained for backward compatibility only.
参数REMOTE_OS_AUTHENT用来控制是否允许远端操作系统验证。默认为false,该参数也只是为了向前兼容,如果按照下面的设置,
那么也会像本地操作体统用户一样不用用户名密码就可以访问实例;风险大,不建议使用;
ALTER
SYSTEM SET REMOTE_OS_AUTHENT = TRUE SCOPE = SPFILE;
相关文章推荐
- Oracle技术之初始化参数REMOTE_OS_AUTHENT
- 初始化参数REMOTE_OS_AUTHENT
- Oracle的REMOTE_LOGIN_PASSWORDFILE和REMOTE_OS_AUTHENT参数
- 4.未公开的Oracle数据库秘密笔记——参数说明——OS_AUTHENT_PREFIX
- oracle中os认证,参数remote_login_passwordfile,口令文件
- 用os_authent_prefix与remote_os_authent实现操作系统认证
- remote_os_authent参数测试!
- 初始化参数REMOTE_OS_AUTHENT简析
- os_authent_prefix参数详解
- Oracle设置初始化参数 REMOTE_LOGIN_PASSWORDFILE
- 初始化参数REMOTE_OS_AUTHENT测试
- 5、修改oracle初始化参数
- Oracle 9i初始化参数文件
- Oracle 11gR2:40几个初始化参数的有效枚举值list
- oracle技术之oracle查询初始化参数的方法(二)
- 【Oracle 真2系列】初始化参数是静态 & 动态
- oracle初始化参数文件的管理!
- ORACLE初始化参数:STATISTICS_LEVEL的介绍
- 哪些初始化参数最影响Oracle的系统性能
- Oracle技术之初始化参数O7_DICTIONARY_ACCESSIBILITY