Oracle user identity authentication method

Database Identity Authentication

Database identity authentication is easy to understand, that is, the Database User Password is stored in the database in an encrypted manner. When a user connects to the database, the user name and password must be entered, you can log on to the database only after passing database authentication. For example, to create a database authenticated user, the statement is:

SQL> create user hxy4 identified bysys123; // use the by keyword to determine that the authentication method is database identity authentication.

User created.

To this end,The database must be open.

-- Database Identity Authentication: Oracle Authentication deems operating system users untrustworthy. to access the database, you must perform another authentication.

External Identity Authentication

-- Operating system authentication: oracle considers the operating system users to be reliable, that is, since you can log on to the operating system, you can also log on to the oracle database (that is, a login method provided by operating system users)

When a user tries to establish a connection to the database, the database does not require the user to enter the password and User Name

-- If you use external authentication to create a user account, Oracle delegates the authentication to the external service. It does not prompt for a password. If you enable the Advaned Security option, the only way to use external authentication is operating system authentication. This technology uses the same name as the operating system user account to create an Oracle user account, but adds the string specified by the OS _AUTHENT_PREFIX instance parameter before. By default, this parameter is an OPS $ string. You can use the following statements to query:

 

SQL> show parameter OS _authent_prefixNAME type value =----------- kerberos_authent_prefix string ops $ SQL> or: SQL> select value from v $ parameter where name = 'OS _ authent_prefix' 2/VALUE =ops $

 

Creating an external operating system authentication user is simple. If an operating system username is dragon, then:

For LINUX systems: create user ops $ dragon identified externally; for WINDOWS systems, if the login ID is Dragon, the domain name is MIS: create user "OPS $ MIS \ DRAGON" identified externally;

After creating a user, log on to the operating system as a dragon user, and then directly enter sqlplus/to log on and connect to the database.

1 2 3 Next Page