Oracle Wallets

Det er mye snakk om kompliserte passord, men brukernavn og passord ligger ofte i klartekst i batch filer rundt omkring. Det er enkelt og unngå dette med Oracle Wallets.

C:\Windows\system32>orapki wallet create -wallet C:\oracle\product\12.1.0\dbhome_1\NETWORK\ADMIN -auto_login_local
Oracle PKI Tool : Version 12.1.0.1
Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.

Enter password:

Enter password again:

Parameteren -auto_login_local gjør at man ikke kan kopiere Wallet’en til en annen maskin. Ingen andre enn brukeren som har opprettet wallet’en kan bruke den.

Så må vi legge inn brukernavn og passord samt tns connection string:

C:\Windows\system32>mkstore -wrl C:\oracle\product\12.1.0\dbhome_1\NETWORK\ADMIN -createCredential tns_alias username password
Oracle Secret Store Tool : Version 12.1.0.1
Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.

Enter wallet password:

Create credential oracle.security.client.connect_string1

Informasjonen om wallet’en må til slutt legges inn i sqlnet.ora

WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = C:\oracle\product\12.1.0\dbhome_1\NETWORK\ADMIN)
)
)

SQLNET.WALLET_OVERRIDE = TRUE

C:\>sqlplus /@tns_alias

SQL*Plus: Release 12.1.0.1.0 Production on Fri Jan 24 11:14:37 2014

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.1.0 – 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing opt
ions

http://docs.oracle.com/cd/E11882_01/network.112/e10746/asoappf.htm#ASOAG500

Advertisements