Oracle的密碼策略設(shè)置

今天小編就為大家?guī)硪黄狾racle的密碼策略設(shè)置的文章。小編覺得挺不錯的，為此分享給大家做個參考。一起跟隨小編過來看看吧。

<roidb1:orcl1:/home/oracle>$sqlplus / as sysdba

SQL*Plus: Release 11.2.0.4.0 Production on Mon Sep 18 18:16:19 2017 

Copyright (c) 1982, 2013, Oracle.  All rights reserved. 

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, Real Application Clusters, Automatic Storage Management, OLAP,
Data Mining and Real Application Testing options



SQL> show parameter resource_limit

NAME                                 TYPE        VALUE
------------------------------------ ----------- ---------
resource_limit                       boolean     FALSE      --默認(rèn)值    
SQL>


SQL> set linesize 160
SQL> select * from dba_profiles order by 1,3,2;

PROFILE                        RESOURCE_NAME                 RESOURCE LIMIT
------------------------- -------------------------------- ------------ ---------
DEFAULT                        COMPOSITE_LIMIT                  KERNEL   UNLIMITED
DEFAULT                        CONNECT_TIME                     KERNEL   UNLIMITED
DEFAULT                        CPU_PER_CALL                     KERNEL   UNLIMITED
DEFAULT                        CPU_PER_SESSION                  KERNEL   UNLIMITED
DEFAULT                        IDLE_TIME                        KERNEL   UNLIMITED
DEFAULT                        LOGICAL_READS_PER_CALL           KERNEL   UNLIMITED
DEFAULT                        LOGICAL_READS_PER_SESSION        KERNEL   UNLIMITED
DEFAULT                        PRIVATE_SGA                      KERNEL   UNLIMITED
DEFAULT                        SESSIONS_PER_USER                KERNEL   UNLIMITED
DEFAULT                        FAILED_LOGIN_ATTEMPTS            PASSWORD 10
DEFAULT                        PASSWORD_GRACE_TIME              PASSWORD 7

PROFILE                        RESOURCE_NAME                 RESOURCE LIMIT
------------------------- -------------------------------- ------------ --------
DEFAULT                        PASSWORD_LIFE_TIME               PASSWORD 180
DEFAULT                        PASSWORD_LOCK_TIME               PASSWORD 1
DEFAULT                        PASSWORD_REUSE_MAX               PASSWORD UNLIMITED
DEFAULT                        PASSWORD_REUSE_TIME              PASSWORD UNLIMITED
DEFAULT                        PASSWORD_VERIFY_FUNCTION         PASSWORD NULL
MONITORING_PROFILE             COMPOSITE_LIMIT                  KERNEL   DEFAULT
MONITORING_PROFILE             CONNECT_TIME                     KERNEL   DEFAULT
MONITORING_PROFILE             CPU_PER_CALL                     KERNEL   DEFAULT
MONITORING_PROFILE             CPU_PER_SESSION                  KERNEL   DEFAULT
MONITORING_PROFILE             IDLE_TIME                        KERNEL   DEFAULT
MONITORING_PROFILE             LOGICAL_READS_PER_CALL           KERNEL   DEFAULT

PROFILE                        RESOURCE_NAME                 RESOURCE LIMIT
------------------------- -------------------------------- ------------ ---------------
MONITORING_PROFILE             LOGICAL_READS_PER_SESSION        KERNEL   DEFAULT
MONITORING_PROFILE             PRIVATE_SGA                      KERNEL   DEFAULT
MONITORING_PROFILE             SESSIONS_PER_USER                KERNEL   DEFAULT
MONITORING_PROFILE             FAILED_LOGIN_ATTEMPTS            PASSWORD UNLIMITED
MONITORING_PROFILE             PASSWORD_GRACE_TIME              PASSWORD DEFAULT
MONITORING_PROFILE             PASSWORD_LIFE_TIME               PASSWORD DEFAULT
MONITORING_PROFILE             PASSWORD_LOCK_TIME               PASSWORD DEFAULT
MONITORING_PROFILE             PASSWORD_REUSE_MAX               PASSWORD DEFAULT
MONITORING_PROFILE             PASSWORD_REUSE_TIME              PASSWORD DEFAULT
MONITORING_PROFILE             PASSWORD_VERIFY_FUNCTION         PASSWORD DEFAULT

32 rows selected.


測試1： FAILED_LOGIN_ATTEMPTS=10 是否是生效

SQL> create user roidba identified by roidba;

User created.

SQL> grant connect,resource,dba to roidba;

Grant succeeded.

SQL> exit


省略..................經(jīng)過十次登陸...........



<roidb1:orcl1:/home/oracle>$sqlplus roidba/roidbaa

SQL*Plus: Release 11.2.0.4.0 Production on Mon Sep 18 18:26:37 2017

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

ERROR:
ORA-28000: the account is locked


Enter user-name:
ERROR:
ORA-01017: invalid username/password; logon denied


Enter user-name:


實(shí)驗(yàn)證明不管 resource_limit 是否為true，和密碼相關(guān)的限制都是生效，其他和密碼相關(guān)的大家可以自己測試。


DEFAULT                        FAILED_LOGIN_ATTEMPTS            PASSWORD 10     --密碼輸入十次都是錯誤，用戶鎖定
DEFAULT                        PASSWORD_LOCK_TIME               PASSWORD 1      --鎖定一天以后自動解鎖
DEFAULT                        PASSWORD_LIFE_TIME               PASSWORD 180    --密碼生命周期180天，之后密碼失效
DEFAULT                        PASSWORD_GRACE_TIME              PASSWORD 7      --寬限延續(xù)期，寬限期內(nèi)登陸會有提示。


安裝完數(shù)據(jù)庫，一般會把password_life_time設(shè)置為unlimited。
SQL> alter profile default limit password_life_time unlimited;
Profile altered.



繼續(xù)測試2：
SQL> create profile sess limit   
  2  SESSIONS_PER_USER 2;

Profile created.


SQL> alter user roidba profile sess;

User altered.

SQL> alter system set resource_limit=true;

System altered.


打開三個窗口，前兩個都順利登陸，第三個出現(xiàn)以下報錯。


<roidb1:orcl1:/home/oracle>$sqlplus roidba/roidba

SQL*Plus: Release 11.2.0.4.0 Production on Mon Sep 18 18:48:24 2017

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

ERROR:
ORA-02391: exceeded simultaneous SESSIONS_PER_USER limit
Enter user-name:

以上就是Oracle的密碼策略設(shè)置的詳細(xì)內(nèi)容了，看完之后是否有所收獲呢？如果想了解更多相關(guān)內(nèi)容，歡迎關(guān)注億速云行業(yè)資訊！