Before Oracle 10 Gb, when we connect to the database in SHELL or JDBC, we need to enter the user name and password, and both are in plain text. Starting from 1OGR2, ORACLE provides the wallet tool to log on to the database without entering the user name and password, as shown below:
General situation: sqlplus scott/oracle @ htzdg
After using wallet: sqlplus/@ htzdg
Test environment:
Server: solaris 10, oracle 11gr2
Client: win 7, oracle11gr2
Configure the tnsnames. ora file on the login end and add the following lines
Test whether Parsing is normal
The following describes how to configure wallet.
1. Create a wallet
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ pstore-Create
- Oracle Secret Store Tool: Version 11.2.0.1.0-Production
- Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
- Enter the password:
- Enter the password again:
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> cd ../
- D: \ app \ luoping \ product \ 11.2.0 \ client_1> cd pstore
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ pstore> dir
- The volume in drive D is DATA
- The serial number of the volume is the D60C-09BD
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ pstore directory
- <DIR>.
- <DIR> ..
- 3,589 cwallet. sso
- 3,512 ewallet. p12
- 2 files in 7,101 bytes
- 2 directories, 368,717,893,632 available bytes
2. Start wallet and specify the wallet location
- D:\app\luoping\product\11.2.0\client_1\network\admin>more sqlnet.ora
- # sqlnet.ora Network Configuration File: D:\app\luoping\product\11.2.0\client_1\
- network\admin\sqlnet.ora
- # Generated by Oracle configuration tools.
- # This file is actually generated by netca. But if customers choose to
- # install "Software Only", this file wont exist and without the native
- # authentication, they will not be able to connect to the database on NT.
- SQLNET.AUTHENTICATION_SERVICES= (NTS)
- NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
- WALLET_LOCATION=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=D:\app\luoping\product\11.2.0\client_1\pstore)))
- SQLNET.WALLET_OVERRIDE=TRUE
3. Add the name, user, and password of the network service to be logged on to wallet.
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl D: \ app \ luoping \ product \ 1
- 1.2.0 \ client_1 \ pstore-createCredential htzdg sys oracle
- Oracle Secret Store Tool: Version 11.2.0.1.0-Production
- Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
- Enter the Wallet password:
- CreateCredential oracle. security. client. connect_string1
4. Check whether the test is successful.
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> sqlplus/@ htzdgAsSysdba
- SQL * Plus: Release 11.2.0.1.0 ProductionOnWednesday, September 16, August 29 17:48:27, 2012
- Copyright (c) 1982,201 0, Oracle.AllRights reserved.
- Connect:
- OracleDatabase11g Enterprise Edition Release 11.2.0.1.0-64bit Production
- WithThe Partitioning, OLAP, Data MiningAnd RealApplication Testing options
- SQL>
5. view the network service name configured in the wallet.
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl d: \ app \ luoping \ product \ 1
- 1.2.0 \ client_1 \ pstore-listCredential
- Oracle Secret Store Tool: Version 11.2.0.1.0-Production
- Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
- Enter the Wallet password:
- List credential (Index: Connect_string username)
- 1: htzdg sys
6. A network service name can correspond to only one user. If the number of users in the same database needs to be implemented through wallet in the same client, we need to create a network service name for each user.
The following is a test of a network service name. When two users are added, an error is returned.
- C: \ Users \ luoping> mkstore-wrl D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ pstore-Re
- AteCredential htzdg scott oracle
- Oracle Secret Store Tool: Version 11.2.0.1.0-Production
- Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
- Enter the Wallet password:
- CreateKey storage error in credential: oracle. security. pki. oraclesecretstore0000ti
- On: Credential already exists
7. After the password is changed, manually update the corresponding password in the wallet. Otherwise, an error is reported.
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> sqlplus/@ htzdgAsSysdba
- SQL * Plus: Release 11.2.0.1.0 ProductionOnWednesday, September 16, August 29 17:45:56, 2012
- Copyright (c) 1982,201 0, Oracle.AllRights reserved.
- Connect:
- OracleDatabase11g Enterprise Edition Release 11.2.0.1.0-64bit Production
- WithThe Partitioning, OLAP, Data MiningAnd RealApplication Testing options
- SQL>
- SQL>Alter UserSys identifiedByHtz;
- The user has changed.
- SQL> exit
- From OracleDatabase11g Enterprise Edition Release 11.2.0.1.0-64bit Production
- WithThe Partitioning, OLAP, Data MiningAnd RealApplication Testing options disconnected
- Open
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> sqlplus/@ htzdgAsSysdba
- SQL * Plus: Release 11.2.0.1.0 ProductionOnWednesday, September 16, August 29 17:46:25, 2012
- Copyright (c) 1982,201 0, Oracle.AllRights reserved.
- ERROR:
- ORA-01017: invalid username/Password; Logon denied
- Enter the User Name:
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl D: \ app \ luoping \ product \ 1
- 1.2.0 \ client_1 \ pstore-modifyCredential htzdg sys
- Oracle Secret Store Tool: Version 11.2.0.1.0-Production
- Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
- Your key/password is missing from the command line
- Enter your key/password:
- Enter your key/password again:
- Enter the Wallet password:
- ModifyCredential
- Modify1
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN>
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl D: \ app \ luoping \ product \ 1
- 1.2.0 \ client_1 \ pstore-modifyCredential htzdg sys
- Oracle Secret Store Tool: Version 11.2.0.1.0-Production
- Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
- Your key/password is missing from the command line
- Enter your key/password:
- Enter your key/password again:
- Enter the Wallet password:
- ModifyCredential
- Modify1
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN>
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> sqlplus/@ htzdgAsSysdba
- SQL * Plus: Release 11.2.0.1.0 ProductionOnWednesday, September 16, August 29 17:48:27, 2012
- Copyright (c) 1982,201 0, Oracle.AllRights reserved.
- Connect:
- OracleDatabase11g Enterprise Edition Release 11.2.0.1.0-64bit Production
- WithThe Partitioning, OLAP, Data MiningAnd RealApplication Testing options
- SQL>
8. manually delete records in the wallet
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl d: \ app \ luoping \ product \ 1
- 1.2.0 \ client_1 \ pstore-deleteCredential htzdg
- Oracle Secret Store Tool: Version 11.2.0.1.0-Production
- Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
- Enter the Wallet password:
- DeleteCredential
- Delete1
9. mkstore Command help manual
- D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore
- Oracle Secret Store Tool: Version 11.2.0.1.0-Production
- Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
- Mkstore [-wrl] [-Create] [-CreateSSO] [-createLSSO] [-createALO] [-Delete] [
- -DeleteSSO] [-list] [-createEntry alias secret] [-viewEntry alias] [-modifyEntry
- Alias secret] [-deleteEntry alias] [-createCredential connect_string username p
- Assword] [-listCredential] [-modifyCredential connect_string usernamePassword]
- [-DeleteCredential connect_string] [-help] [-nologo]
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
