温馨提示×

温馨提示×

您好,登录后才能下订单哦!

密码登录×
登录注册×
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》

Oracle的密码策略设置

发布时间:2020-05-12 14:37:27 来源:亿速云 阅读:703 作者:Leah 栏目:关系型数据库

今天小编就为大家带来一篇Oracle的密码策略设置的文章。小编觉得挺不错的,为此分享给大家做个参考。一起跟随小编过来看看吧。

<roidb1:orcl1:/home/oracle>$sqlplus / as sysdba

SQL*Plus: Release 11.2.0.4.0 Production on Mon Sep 18 18:16:19 2017 

Copyright (c) 1982, 2013, Oracle.  All rights reserved. 

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, Real Application Clusters, Automatic Storage Management, OLAP,
Data Mining and Real Application Testing options



SQL> show parameter resource_limit

NAME                                 TYPE        VALUE
------------------------------------ ----------- ---------
resource_limit                       boolean     FALSE      --默认值    
SQL>


SQL> set linesize 160
SQL> select * from dba_profiles order by 1,3,2;

PROFILE                        RESOURCE_NAME                 RESOURCE LIMIT
------------------------- -------------------------------- ------------ ---------
DEFAULT                        COMPOSITE_LIMIT                  KERNEL   UNLIMITED
DEFAULT                        CONNECT_TIME                     KERNEL   UNLIMITED
DEFAULT                        CPU_PER_CALL                     KERNEL   UNLIMITED
DEFAULT                        CPU_PER_SESSION                  KERNEL   UNLIMITED
DEFAULT                        IDLE_TIME                        KERNEL   UNLIMITED
DEFAULT                        LOGICAL_READS_PER_CALL           KERNEL   UNLIMITED
DEFAULT                        LOGICAL_READS_PER_SESSION        KERNEL   UNLIMITED
DEFAULT                        PRIVATE_SGA                      KERNEL   UNLIMITED
DEFAULT                        SESSIONS_PER_USER                KERNEL   UNLIMITED
DEFAULT                        FAILED_LOGIN_ATTEMPTS            PASSWORD 10
DEFAULT                        PASSWORD_GRACE_TIME              PASSWORD 7

PROFILE                        RESOURCE_NAME                 RESOURCE LIMIT
------------------------- -------------------------------- ------------ --------
DEFAULT                        PASSWORD_LIFE_TIME               PASSWORD 180
DEFAULT                        PASSWORD_LOCK_TIME               PASSWORD 1
DEFAULT                        PASSWORD_REUSE_MAX               PASSWORD UNLIMITED
DEFAULT                        PASSWORD_REUSE_TIME              PASSWORD UNLIMITED
DEFAULT                        PASSWORD_VERIFY_FUNCTION         PASSWORD NULL
MONITORING_PROFILE             COMPOSITE_LIMIT                  KERNEL   DEFAULT
MONITORING_PROFILE             CONNECT_TIME                     KERNEL   DEFAULT
MONITORING_PROFILE             CPU_PER_CALL                     KERNEL   DEFAULT
MONITORING_PROFILE             CPU_PER_SESSION                  KERNEL   DEFAULT
MONITORING_PROFILE             IDLE_TIME                        KERNEL   DEFAULT
MONITORING_PROFILE             LOGICAL_READS_PER_CALL           KERNEL   DEFAULT

PROFILE                        RESOURCE_NAME                 RESOURCE LIMIT
------------------------- -------------------------------- ------------ ---------------
MONITORING_PROFILE             LOGICAL_READS_PER_SESSION        KERNEL   DEFAULT
MONITORING_PROFILE             PRIVATE_SGA                      KERNEL   DEFAULT
MONITORING_PROFILE             SESSIONS_PER_USER                KERNEL   DEFAULT
MONITORING_PROFILE             FAILED_LOGIN_ATTEMPTS            PASSWORD UNLIMITED
MONITORING_PROFILE             PASSWORD_GRACE_TIME              PASSWORD DEFAULT
MONITORING_PROFILE             PASSWORD_LIFE_TIME               PASSWORD DEFAULT
MONITORING_PROFILE             PASSWORD_LOCK_TIME               PASSWORD DEFAULT
MONITORING_PROFILE             PASSWORD_REUSE_MAX               PASSWORD DEFAULT
MONITORING_PROFILE             PASSWORD_REUSE_TIME              PASSWORD DEFAULT
MONITORING_PROFILE             PASSWORD_VERIFY_FUNCTION         PASSWORD DEFAULT

32 rows selected.


测试1: FAILED_LOGIN_ATTEMPTS=10 是否是生效

SQL> create user roidba identified by roidba;

User created.

SQL> grant connect,resource,dba to roidba;

Grant succeeded.

SQL> exit


省略..................经过十次登陆...........



<roidb1:orcl1:/home/oracle>$sqlplus roidba/roidbaa

SQL*Plus: Release 11.2.0.4.0 Production on Mon Sep 18 18:26:37 2017

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

ERROR:
ORA-28000: the account is locked


Enter user-name:
ERROR:
ORA-01017: invalid username/password; logon denied


Enter user-name:


实验证明不管 resource_limit 是否为true,和密码相关的限制都是生效,其他和密码相关的大家可以自己测试。


DEFAULT                        FAILED_LOGIN_ATTEMPTS            PASSWORD 10     --密码输入十次都是错误,用户锁定
DEFAULT                        PASSWORD_LOCK_TIME               PASSWORD 1      --锁定一天以后自动解锁
DEFAULT                        PASSWORD_LIFE_TIME               PASSWORD 180    --密码生命周期180天,之后密码失效
DEFAULT                        PASSWORD_GRACE_TIME              PASSWORD 7      --宽限延续期,宽限期内登陆会有提示。


安装完数据库,一般会把password_life_time设置为unlimited。
SQL> alter profile default limit password_life_time unlimited;
Profile altered.



继续测试2:
SQL> create profile sess limit   
  2  SESSIONS_PER_USER 2;

Profile created.


SQL> alter user roidba profile sess;

User altered.

SQL> alter system set resource_limit=true;

System altered.


打开三个窗口,前两个都顺利登陆,第三个出现以下报错。


<roidb1:orcl1:/home/oracle>$sqlplus roidba/roidba

SQL*Plus: Release 11.2.0.4.0 Production on Mon Sep 18 18:48:24 2017

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

ERROR:
ORA-02391: exceeded simultaneous SESSIONS_PER_USER limit
Enter user-name:

以上就是Oracle的密码策略设置的详细内容了,看完之后是否有所收获呢?如果想了解更多相关内容,欢迎关注亿速云行业资讯!

向AI问一下细节

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

AI