Oracle Learning (14): Managing user security

--User sql>--Create a user named Grace password is password, the new user does not have any rights sql> create user grace identified by password; Authentication User: Password authentication method (Username/password) External authentication method (host authentication, i.e. via login username) Global authentication Method (Other way: Biometric authentication mode, token mode) priority order: External validation > Password Authentication--Permissions (privilege) User rights are available in two ways: System: Allow users to run specific behaviors for the database, such as creating tables, creating users, and so on object: agreeing to access and manipulate a particular object with the user, For example: The query of the table under other schemes sql>--grant the grace user the System permission sql>--create session sql> Grant create session to grace; sql>--create tablesql> Grant CREATE table to grace; Sql>-Allocate space (change user Grace's space is not limited) sql> alter user grace Quota unlimited on users; Sql>--Object Permissions Sql>--Grant the Grace user sql> grant Select on the EMP to grace of the query for the current user's EMP table;  Sql>--admin option System permissions do not cascade sql>--DBA---Create session--Jeff: Administrator grants Jeff Login permission sql> Grant Create session To Jeff with admin option; Sql>---Jeff---Create session-to-Emi:jeff grants EMI Login Privileges sql> Grant create session to EMI; Sql>--The administrator revoked Jeff's login privileges. At this point, the access rights of EMI are still. Will not be cascaded delete sql> revoke create session from Jeff; Sql>--grant OPTION to revoke theLike permissions generate Cascade sql>--Scott-->select on EMP---> Jeff:scott user grants Jeff permission to query the EMP table sql> grant SELECT on EMP to Jeff with GR Ant option; Sql>--jeff:-->select on Scott.emp-Emi:jeff Grant EMI query Scott's EMP table permissions sql> Grant Select on Scott.emp to Emi;sql >--scott revoke Jeff's ability to query the EMP table, and the query permission for EMI is also removed sql> revoke select on EMP from jeff;--role sql>--Remove Role sql> drop Role Hr_clerk; Sql>-Creating a Manager role sql> create role hr_mgr; Sql>--Create a general employee role sql> creating role Hr_clerk; Sql>--Two privileges create session, create tablesql>--grant the general Employee Role Login Permission Sql> grant create session to Hr_clerk; Sql>-Grant the manager permission to create tables and permissions for the normal employee role sql> Grant create Table,hr_clerk to Hr_mgr; Sql>--grant connect,resouce to scott;connect,resouce system-defined roles sql>-Create users and grant permissions (basic functionality that normal users can do) sql>/*sql> Create user ****sql> Grant Connect,resouce to * * *; Sql> */--Profiles and users--each user can only be linked to a profile-profile: Manage account status and password expiration, and control the consumption of resources.

Oracle Learning (14): Managing user security