Oracle默认允许用户输入10次错误密码,超过10次后账户就会被锁定
sys@ORCL>select * from dba_profiles where profile='DEFAULT' and resource_name='FAILED_LOGIN_ATTEMPTS'; PROFILE RESOURCE_NAME RESOURCE_TYPE LIMIT --------------- ------------------------------ ------------------------ ------------------- DEFAULT FAILED_LOGIN_ATTEMPTS PASSWORD 10
测试zx用户,使用错误的密码连接11次
[oracle@rhel6 ~]$ cat login.sh sqlplus zx/123 <<EOF EOF sqlplus zx/123 <<EOF EOF sqlplus zx/123 <<EOF EOF sqlplus zx/123 <<EOF EOF sqlplus zx/123 <<EOF EOF sqlplus zx/123 <<EOF EOF sqlplus zx/123 <<EOF EOF sqlplus zx/123 <<EOF EOF sqlplus zx/123 <<EOF EOF sqlplus zx/123 <<EOF EOF sqlplus zx/123 <<EOF EOF [oracle@rhel6 ~]$ sh login.sh SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:16 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied Enter user-name: SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:16 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied Enter user-name: SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:16 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied Enter user-name: SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:16 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied Enter user-name: SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:17 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied Enter user-name: SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:19 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied Enter user-name: SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:22 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied Enter user-name: SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:26 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied Enter user-name: SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:31 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied Enter user-name: SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:37 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-01017: invalid username/password; logon denied Enter user-name: SQL*Plus: Release 11.2.0.4.0 Production on Mon Jan 16 17:09:45 2017 Copyright (c) 1982, 2013, Oracle. All rights reserved. ERROR: ORA-28000: the account is locked #提示用户被锁定 #查询视图zx用户被锁定 sys@ORCL>select username,account_status,profile from dba_users where username='ZX'; USERNAME ACCOUNT_STATUS PROFILE ---------- -------------------- --------------- ZX OPEN DEFAULT
基于这个特性,如果在生产上修改了数据库用户密码,但是应用部分没有修改完全,则应用启动后有问题的应用会一直尝试连接数据库导致数据库用户被锁定,影响业务正常运行。可以修改用户尝试登录次数为ulimited来防止这种情况发生。
sys@ORCL>alter user zx account unlock; User altered. sys@ORCL>alter profile default limit failed_login_attempts unlimited; Profile altered. sys@ORCL>select * from dba_profiles where profile='DEFAULT' and resource_name='FAILED_LOGIN_ATTEMPTS'; PROFILE RESOURCE_NAME RESOURCE_TYPE LIMIT --------------- ------------------------------ ------------------------ ------------------- DEFAULT FAILED_LOGIN_ATTEMPTS PASSWORD UNLIMITED
至此,用户zx无论使用多少次错误密码都不会导致账户锁定。
官方文档:http://docs.oracle.com/cd/E11882_01/network.112/e36292/authentication.htm#CHDEGBEG
参考文档:http://www.2cto.com/database/201203/124001.html
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
