Oracle wallet usage and maintenance --- oracle password-less Login

Oracle wallet usage and maintenance-oracle logon to oracle wallet with no password starts from Oracle10gR2. Using Oracle Wallet allows any user to log on to the database without a password (non-operating system authentication ), this is very useful for logging on to the database using scripts; especially for enterprise security requirements, the user name and password do not need to be explicitly stored in the configuration file, in addition, it is extremely convenient to maintain the password. For example, if I put the wallet in the specified path, when I change the password, I only need to cover the wallet in a unified manner. This is especially convenient for a large number of application servers. Create a wallet usage on the client: E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore -- helpOracle Secret Store Tool: Version 11.2.0.1.0-Production all rights reserved (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. The Wallet location is not specified. Mkstore [-wrl] [-create] [-createSSO] [-createLSSO] [-createALO] [-delete] [-deleteSSO] [-list] [-createEntry alias secret] [-viewEntry alias] [-modifyEntry alias secret] [-deleteEntry alias] [-createCredential connect_string username password] [-listCredential] [-modifyCredential connect_string username password] [-deleteCredential connect_string] [-help] [-nologo] E: \ app \ Administrator \ product \ 1 1.2.0 \ dbhome_1 \ BIN> 1. create wallet Syntax: mkstore-wrl <wallet_location>-createeg: www.2cto.com E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-createOracle Secret Store Tool: Version 11.2.0.1.0-Production copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the password: (enter the wallet password, which must be more complex; otherwise, it will fail.) enter the password again: (enter the wallet password) E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> View volume in create wallete: \ temp \ wallet> dir drive E is the serial number of the data volume is DCEE-F1D9 e: \ temp \ wallet directory <DIR>. <DIR> .. 3,589 cwallet. sso2012/07/24 3,512 ewallet. p12 2 files 7,101 bytes 2 directories 212,962,336,768 available bytes e: \ temp \ wallet> 2. create a network connection string for the client to connect to the server. Each connection string corresponds to a database user skate_192.16 8.1.9 = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP) (HOST = 192.168.1.9) (PORT = 1521) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = skate) www.2cto.com) 3. add User authentication information for database login to e: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-createCredential skate_192.168.1.9 skate skatepwdOracle Secret Store Tool: Version 11.2.0.1.0-Production Copyright All Rights Reserved (c) 2004,200 9, Oracle and/or its sub-Public Division. All rights reserved. Enter the Wallet password: Create credential oracle. security. client. connect_string1 4. in the sqlnet. in the ora FILE, edit the parameter "WALLET_LOCATION" WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = e: \ temp \ wallet) SQLNET. WALLET_OVERRIDE = TRUE 5. test Database Connection without password on the client. E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> sqlplus/@ skate_192.168.1.9SQL * Plus: release 11.2.0.1.0 Production on Tuesday July 24 17:59:21 2012 Copyright (c) 1982, 2010, Oracle. all rights reserved. connect to: Oracle Database 10g Enterprise Edition Release 10.2.0.5.0-64bit ProductionWith the Partitioning, OLAP, Data Mining and Real Application Testing optionsSQL> show user; USER is "SKATE" SQL> www.2cto.com 6. how to manage wallet6.1 to view the connection authentication information in wallet E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-listCredentialOracle Secret Store Tool: version 11.2.0. 1.0-Production copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: List credential (index: connect_string username) 1: skate_192.168.1.9 skate 6.2 to add a new authentication information to the wallet. In the wallet, the connection string is uniquely identified as E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-createCredential test_skate_s_192.168.1.9 skate skatepwdOracle Secret Store Tool: Version 11.2.0.1.0-Production copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: Create credential oracle. security. client. connect_string2 check the added user authentication information E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-listCredentialOracle Secret Store Tool: version 11.2.0.1.0-Production copyright: (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: www.2cto.com List credential (index: connect_string username) 2: test_skate_s_192.168.1.9 skate1: skate_192.168.1.9 skate 6.3 edit the User Password E in the wallet: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-modifyCredential test_skate_s_192.168.1.9 skate skatepwd1Oracle Secret Store Tool: Version 11.2.0.1.0-Production copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: Modify credentialModify 2E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> 6.4 Delete wallet user authentication information E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-listCredentialOracle Secret Store Tool: Version 11.2.0.1.0-Production copyright (c) 2004,200 9, oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: List credential (index: connect_string username) 2: test_skate_s_192.168.1.9 skate1: skate_192.168.1.9 skateE: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-deleteCredential test_prodb_s_192.168.1.9Oracle Secret Store Tool: Version 11.2.0.1.0-Production copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: Delete credentialDelete 2 www.2cto.com E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-listCredentialOracle Secret Store Tool: version 11.2.0.1.0-Production copyright: (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: List credential (index: connect_string username) 1: skate_192.168.1.9 skateE: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> 7. view detailed authentication information in wallet E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-listOracle Secret Store Tool: version 11.2.0.1.0-Production copyright: (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: Oracle key storage entry: oracle. security. client. connect_string1oracle.security.client.password1oracle.security.client.username1 E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-viewEntry oracle. security. client. connect_string1Oracle Secret Store Tool: Version 11.2.0.1.0-Production copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: oracle. security. client. connect_string1 = skate_192.168.1.9E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-viewEntry oracle. security. client. password1Oracle Secret Store Tool: Version 11.2.0.1.0-Production copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: www.2cto.com oracle. security. client. password1 = skatepwdE: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-viewEntry oracle. security. client. username1Oracle Secret Store Tool: Version 11.2.0.1.0-Production copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter the Wallet password: oracle. security. client. username1 = skateE: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> 8. change the content of user authentication information in wallet 8.1 Change Password E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-modifyEntry oracle. security. client. password1 skatepwd1Oracle Secret Store Tool: Version 11.2.0.1.0-Production all rights reserved (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. Enter Wallet password: 8.2 Change Password E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> mkstore-wrl e: \ temp \ wallet-modifyEntry oracle. security. client. username1 skate1Oracle Secret Store Tool: Version 11.2.0.1.0-Production copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved. The difference between entering the Wallet password: E: \ app \ Administrator \ product \ 11.2.0 \ dbhome_1 \ BIN> and (-modifyCredential) in step 6.3 is that not only changing the password here, the connection string and password can both be changed to www.2cto.com. Here we create a local wallet and can log on from the local client. Can we use other places? A. in win7 + oracle11g client created on the wallet, no password to access the linux + oracle10g Service server is no problem, but the wallet copy to the linux + oracle10g server, no password login is reported "ORA-12534: TNS: operation not supported ", you need to use the following command to edit it so that you can log on without a password. Although the statement has not changed anything. [Oracle @ localhost ~] $ Mkstore-wrl/tmp/wallet1-createCredential skate_192.168.1.9 skate skatepwd1 B. if the wallet created on the linux + oracle10g server does not have a password to access the linux + oracle10g Service server, there is no problem. Copy the wallet to the win7 + oracle11g client, and there is no problem with logon without a password. It may be a version issue. To log on to the console without a password, follow these steps: 1. create a wallet (tnsname. the connection string in ora, sqlnet. ora file content must be copied to the client) 2. copy the wallet to the specified path on the client (note the File Permission and owner). 3. modify the tnsname of the client. the connection string of the connection server in the ora file is the connection string at the time of creation. add the following content to the ora FILE: WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = e: \ temp \ wallet) SQLNET. WALLET_OVERRIDE = TRUE4. in sqlplus without a password, test sqlplus/@ skate_192.168.1.9 www.2cto.com to connect to the Database Password in jdbc in the following format: public static Connection getConnection () throws SQLException {DriverManager. registerDriver (new OracleDriver (); Connection conn = DriverManager. getConnection ("jdbc: oracle: oci: // @ tnskate"); conn. setAutoCommit (false); return conn;} For details, refer to [ID 340559.1] [ID 741810.1] ----- end ---- author skate)