您的位置:首页 > 数据库 > Oracle

ORACLE 初始化参数OS_AUTHENT_PREFIX、REMOTE_OS_AUTHENT

2013-06-04 15:28 363 查看
PropertyDescription
Parameter typeString
Syntax
OS_AUTHENT_PREFIX =
 
authentication_prefix
Default value
OPS$
ModifiableNo
OS_AUTHENT_PREFIX
 specifies a prefix that Oracle uses to authenticate
users attempting to connect to the server. Oracle concatenates the value of this parameter to the beginning of the user's operating system account name and password. When a connection request is attempted, Oracle compares the prefixed username with Oracle
usernames in the database.

The default value of this parameter is 
OPS$
 for backward compatibility with previous versions. However, you might prefer to set the prefix value to "" (a null string), thereby eliminating the addition of any prefix to operating
system account names.

OS_AUTHENT_PREFIX指定了Oracle用于验证用户尝试连接到服务器的前缀。Oracle连接此参数值到用户操作系统账号和密码的开头。当请求一个连接时,Oracle将比较连接用户名前缀和Oracle数据库中名称的前缀。该参数默认值为OPS$,为了和早先版本向后兼容。然而,可能更适合将前缀设置为"" (空字符),从而消除了任何前缀操作系统账号名称的增加。(通过操作系统用户认证的方式访问数据库,对应的数据库中的用户需要启动外部验证。这样的话操作系统用户就可以直接执行sqlplus
 / 来访问数据库,而不需要输入用户名和密码了)

Note:
The text of the 
OS_AUTHENT_PREFIX
 parameter
is case sensitive on some operating systems.

OCP试题中有一道题,考察此知识点:

The database instance has the following parameter setting:

OS_AUTHENT_PREFIX = OPS$

OS_ROLES = FALSE

REMOTE_OS_AUTHENT = FALSE

REMOTE_OS_ROLES = FALSE

TIMED_OS_STATISTICS = 0

You have a local operating system user SKD. You create a database user OPS$SKD, and then

assign external authentication. The user OPS$SKD has the CREATE SESSION privilege.

 Whatwould you achieve by the above process?

A.The database user OPS$SKD will be able to administer the database.

B.The authentication detail for the database user OPS$SKD is recorded in the password file.

C.The local operating system user SKD will be able to access the database instance withoutspecifying the username and password.

D.The database user OPS$SKD has to login with the password of the local operating system user SKD to access the database instance.

The answer  is C

实验:

SQL> select * from v$version;

BANNER

--------------------------------------------------------------------------------

Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production

PL/SQL Release 11.2.0.1.0 - Production

CORE    11.2.0.1.0      Production

TNS for Linux: Version 11.2.0.1.0 - Production

NLSRTL Version 11.2.0.1.0 - Production

[oracle@yjgocp ~]$ sqlplus / as sysdba

SQL*Plus: Release 11.2.0.1.0 Production on Thu Jun 6 10:34:25 2013

Copyright (c) 1982, 2009, Oracle.  All rights reserved.

Connected to:

Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> show parameter os_auth
NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
os_authent_prefix                    string      OPS$
remote_os_authent                    boolean     FALSE

--创建ops$开头的用户,并启用外部验证;
SQL> create user ops$oracle identified byexternally;
User created.
SQL> select username,password,account_status from dba_users;
USERNAME                       PASSWORD                       ACCOUNT_STATUS
------------------------------ ------------------------------ --------------------------------
RC_OCP                                                        OPEN
U_TP6                                                         OPEN
V_USER1                                                       OPEN
U_1                                                           OPEN
GYJ                                                           OPEN
SCOTT                                                         OPEN
OPS$ORACLE                                                    OPEN

SQL> grant connect to ops$oracle;

Grant succeeded.

SQL> shutdown immediate;

Database closed.

Database dismounted.

ORACLE instance shut down.

SQL> startup;

ORACLE instance started.

Total System Global Area  422670336 bytes

Fixed Size                  1336960 bytes

Variable Size             348129664 bytes

Database Buffers           67108864 bytes

Redo Buffers                6094848 bytes

Database mounted.

Database opened.

[oracle@yjgocp ~]$ id

uid=500(oracle) gid=500(oinstall) groups=500(oinstall),501(dba)

[oracle@yjgocp ~]$ sqlplus /

SQL*Plus: Release 11.2.0.1.0 Production on Thu Jun 6 10:32:10 2013

Copyright (c) 1982, 2009, Oracle.  All rights reserved.

Connected to:

Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> show user;

USER is "OPS$ORACLE"


REMOTE_OS_AUTHENT

PropertyDescription
Parameter typeBoolean
Default value
false
ModifiableNo
Range of values
true | false
REMOTE_OS_AUTHENT
 specifies whether remote clients will be authenticated
with the value of the 
OS_AUTHENT_PREFIX
 parameter.

Note:
The 
REMOTE_OS_AUTHENT
 parameter is deprecated. It is retained for backward compatibility only.
参数REMOTE_OS_AUTHENT用来控制是否允许远端操作系统验证。默认为false,该参数也只是为了向前兼容,如果按照下面的设置,

那么也会像本地操作体统用户一样不用用户名密码就可以访问实例;风险大,不建议使用;

ALTER
SYSTEM SET REMOTE_OS_AUTHENT = TRUE SCOPE = SPFILE;
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签:  Oracle OS_AUTHENT_PREFIX REMOTE_OS_AUTHENT
相关文章推荐
新的分享
章节导航