Shulou(Shulou.com)06/01 Report--

A preliminary study of Oracle Wallet

1. What is Wallet?

A datastructure used to store and manage security credentials for an individualentity.

Starting with Oracle10gR2, users can log in to the database without a password (non-operating system authentication) by using Oracle Wallet, which is very useful for using scripts to log in to the database Especially for the enterprise security requirements are very high, do not want the user name and password plaintext in the configuration file, and for password maintenance is extremely convenient, for example, I put wallet under the specified path, when changing the password, only need to uniformly cover wallet, especially convenient for a large number of application servers.

2. Creation and management of Wallet. Create wallet

[oracle@daidai ~] $mkdir-p/tmp/test_wallet

[oracle@daidai ~] $mkstore-wrl / tmp/test_wallet-create

[oracle@daidai ~] $cd / tmp/test_wallet/

[oracle@daidai test_wallet] $ls

Cwallet.sso ewallet.p12

Configure connection string tnsnames.ora

WALLET_OCP11G =

(DESCRIPTION =

(ADDRESS = (PROTOCOL = TCP) (HOST = daidai.com) (PORT = 1522))

(CONNECT_DATA =

(SERVER = DEDICATED)

(SERVICE_NAME = ocp11g)

)

)

Configure sqlnet.ora

WALLET_LOCATION= (SOURCE= (METHOD=FILE) (METHOD_DATA= (DIRECTORY=/tmp/test_wallet)

SQLNET.WALLET_OVERRIDE = TRUE

Add the user authentication information logged into the database to the wallet

[oracle@daidai] $mkstore-- help

Oracle Secret Store Tool: Version11.2.0.4.0-Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

No wallet location specified.

Mkstore [- wrl wrl] [- create] [- createSSO] [- createLSSO] [- createALO] [- delete] [- deleteSSO] [- list] [- createEntry aliassecret] [- viewEntry alias] [- modifyEntry aliassecret] [- deleteEntry alias] [- createCredential connect_string username password] [- listCredential] [- modifyCredential connect_string username password] [- deleteCredential connect_string] [- help] [- nologo]

[oracle@daidai ~] $mkstore-wrl / tmp/test_wallet-createCredential wallet_ocp11g daidai love8013

Oracle Secret Store Tool: Version11.2.0.4.0-Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

Enter wallet password:l 3

Create credential oracle.security.client.connect_string1

Test connection

At this point, you can use the wallet connection

[oracle@daidai ~] $sqlplus/@wallet_ocp11g

SQL*Plus: Release 11.2.0.4.0 Production onTue Jun 14 14:47:49 2016

Copyright (c) 1982, 2013, Oracle. All rights reserved.

Connected to:

Oracle Database 11g Enterprise EditionRelease 11.2.0.4.0-64bit Production

With the Partitioning, OLAP, Data Miningand Real Application Testing options

SQL >

two。 Manage wallet

Managing wallet also applies to the mkstore command

View Credential

[oracle@daidai ~] $mkstore-wrl / tmp/test_wallet-listCredential

Oracle Secret Store Tool: Version11.2.0.4.0-Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

Enter wallet password:love801 3

List credential (index: connect_stringusername)

1: wallet_ocp11g daidai

Modify user password in wallet

[oracle@daidai ~] $mkstore-wrl / tmp/test_wallet-modifyCredential wallet_ocp11g daidai love8014

Oracle Secret Store Tool: Version11.2.0.4.0-Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

Enter wallet password:love80

Modify credential

Modify 1

[oracle@daidai ~] $sqlplus @ / wallet_ocp11g

SQL*Plus: Release 11.2.0.4.0 Production onTue Jun 14 14:58:35 2016

Copyright (c) 1982, 2013, Oracle. All rights reserved.

SP2-0310: unable to openfile "/ wallet_ocp11g.sql"

Enter user-name: daidai

Enter password:-- enter the correct password here, but not the wrong password.

Delete the user authentication information of wallet

[oracle@daidai ~] $mkstore-wrl/tmp/test_wallet-listCredential

Oracle Secret Store Tool: Version11.2.0.4.0-Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

Enter wallet password:lov e8

List credential (index: connect_stringusername)

1: wallet_ocp11g daidai

[oracle@daidai ~] $mkstore-wrl / tmp/test_wallet-deleteCredential wallet_ocp11g

Oracle Secret Store Tool: Version11.2.0.4.0-Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

Enter wallet password: ove801 3

Delete credential

Delete 1

View wallet certification details

[oracle@daidai ~] $mkstore-wrl / tmp/test_wallet-list

Oracle Secret Store Tool: Version11.2.0.4.0-Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

Enter wallet password:l e8 013

Oracle Secret Store entries:

Oracle.security.client.connect_string1

Oracle.security.client.password1

Oracle.security.client.username1

[oracle@daidai ~] $mkstore-wrl / tmp/test_wallet-viewEntry oracle.security.client.connect_string1

Oracle Secret Store Tool: Version11.2.0.4.0-Production

Copyright (c) 2004, 2013, Oracle and/or itsaffiliates. All rights reserved.

Enter wallet password:lo ve8

Oracle.security.client.connect_string1 = wallet_ocp11g

Change the content of user authentication information in wallet

Mkstore-wrl / tmp/test_wallet-modifyEntry oracle.security.client.password1skatepwd1

Mkstore-wrl / tmp/test_wallet-modifyEntry oracle.security.client.username1skate1

3. Migrate linux wallet to window 7

Modify tnsname.ora [IP & port] and sqlnet.ora [walletpath] according to the style in linux, and pay attention to testing connectivity

Mkstore-wrl e:/test_wallet-create

Copy out the wallet file in linux and overwrite the wallet file in windows

Windows migrated to linux and I didn't test it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.