First, Profile function
Profile in Oracle systems is used to limit the database resources that users can use.
Second, profile parameters detailed
(1) View database resource constraint parameters
Sql> select * from Dba_profiles;
Profile Resource_name RESOURCE LIMIT
------------------------------ -------------------------------- -------- --------------------
DEFAULT Composite_limit KERNEL Unlimited
DEFAULT Sessions_per_user KERNEL Unlimited
DEFAULT cpu_per_session KERNEL Unlimited
DEFAULT Cpu_per_call KERNEL Unlimited
DEFAULT logical_reads_per_session KERNEL Unlimited
DEFAULT Logical_reads_per_call KERNEL Unlimited
DEFAULT Idle_time KERNEL Unlimited
DEFAULT Connect_time KERNEL Unlimited
DEFAULT PRIVATE_SGA KERNEL Unlimited
DEFAULT failed_login_attempts PASSWORD 10
DEFAULT Password_life_time PASSWORD Unlimited
DEFAULT Password_reuse_time PASSWORD Unlimited
DEFAULT Password_reuse_max PASSWORD Unlimited
DEFAULT password_verify_function PASSWORD NULL
DEFAULT Password_lock_time PASSWORD Unlimited
DEFAULT Password_grace_time PASSWORD Unlimited
Monitoring_profile Composite_limit KERNEL DEFAULT
Monitoring_profile Sessions_per_user KERNEL DEFAULT
Monitoring_profile cpu_per_session KERNEL DEFAULT
Monitoring_profile Cpu_per_call KERNEL DEFAULT
Monitoring_profile logical_reads_per_session KERNEL DEFAULT
Monitoring_profile Logical_reads_per_call KERNEL DEFAULT
Monitoring_profile idle_time KERNEL DEFAULT
Monitoring_profile connect_time KERNEL DEFAULT
Monitoring_profile PRIVATE_SGA KERNEL DEFAULT
Monitoring_profile failed_login_attempts PASSWORD Unlimited
Monitoring_profile password_life_time PASSWORD DEFAULT
Monitoring_profile password_reuse_time PASSWORD DEFAULT
Monitoring_profile Password_reuse_max PASSWORD DEFAULT
Monitoring_profile password_verify_function PASSWORD DEFAULT
Monitoring_profile password_lock_time PASSWORD DEFAULT
Monitoring_profile password_grace_time PASSWORD DEFAULT
Rows selected. Unlimited: Users assigned to this profile have no restrictions on the use of resources, unlimited means there is no restriction on parameters when using password parameters.
Default: Specifying default means ignoring some resource restrictions in profile, the default profile initial definition is not limited to resources and can be changed by Alter Profile command.
(2) Detailed parameters Resource_parameter: Session_per_user: Specifies the number of concurrent sessions that limit the user. Cpu_per_session: Specifies the CPU time limit for the session, in 1% seconds. Cpu_per_call: Specifies the CPU time limit of one call (parse, execute, and extract), in 1% seconds. Connect_time: Specifies the total connection time, in minutes, of the session. Idle_time: Specifies the total time, in minutes, that the session allows consecutive inactivity, and the session is disconnected. Logical_reads_per_session: Specifies the number of data blocks that a session allows to read, including all blocks of data read from memory and disk. Logical_read_per_call: Specifies the maximum number of blocks of data that the SQL (parse, execute, and extract) call is allowed to read at a time. PRIVATE_SGA: Specifies the maximum space, in bytes, that a session can allocate in a shared pool (SGA). Composite_limit: Specifies the total resource consumption of a session, expressed in service units units. Oracle databases calculate cpu_per_session, Connect_time,logical_reads_per_session and p in a beneficial way RIVATE-SGA's total service units
Password_parameter: failed_login_attempts: Specifies the maximum number of attempts to log in before the account is locked. Password_life_time: Specifies the number of days that the same password is allowed to use.
password_reuse_time and Password_reuse_max: These two parameters must be associated with each other, password_reuse_time specify the days before the password cannot be reused &NB Sp number PASSWORD_REUSE_MAX specifies the number of times the password changed before the current password was reused. Two parameters &N Bsp numbers must be set to integers. password_lock_time: Specifies the number of failed login attempts to reach the account user's lockout time, in days. password_grace_time: Specify the number of Grace days, the database warns the number of days before the login expires. If the database password is not modified in the middle of this, expiration will expire. password_verify_function: This field allows complex pl/sql password validation scripts to be passed as parameters to the Create profile statement. Oracle database provides a default &NBsp ( ) script, but you can create your own validation rules or use Third-party software validation. For a function name, specify the password validation &N Bsp The name, specified as null means that the password validation feature is not used. If you specify an expression for the password parameter, the expression can be any of the format except for database quantum queries.
Third, the use of profile
(1) Create profile with the following commands:
CREATE Profile Profile profile_name
LIMIT {resource_parameters
| Password_parameters
}
[Resource_parameters
| Password_parameters
]... ;
(2) Profile assigned to the user, the order is as follows:
Alter user user_name profile Profile_name;
Iv. examples
(1) Create a user U1
Sql> Show user;
USER is "SYS"
Sql> create user U1 identified by U1;
User created.
Sql> Grant create session to U1;
Grant succeeded.
(2) Create profile for P1 to limit user attempts to login failed 2 times will be locked
Sql> Create profile P1 limit failed_login_attempts 2;
Profile created.
(3) Assign the created P1 to U1
sql> alter user U1 profile P1;
User altered.
(4) Try to verify
Sql> Select Username,account_status,lock_date,profile from dba_users where username= ' U1 ';
USERNAME account_status Lock_date Profile
---------------------------------------------------------------------------------//See U1 User's status is not locked
U1 OPEN &