Before Oracle10G, when we connect to the database in SHELL or JDBC, we need to enter the user name and password, and both are in plain text. Starting from 1OGR2, ORACLE provides the wallet tool to log on to the database without entering the user name and password. Generally, sqlplusscottOracle @ htzdg uses the wallet tool: sqlplus @ ht
Before Oracle 10 Gb, when we connect to the database in SHELL or JDBC, we need to enter the user name and password, and both are in plain text. Starting from 1OGR2, ORACLE provides the wallet tool to log on to the database without entering the user name and password. Generally, after sqlplus scott/Oracle @ htzdg uses wallet: sqlplus/@ ht
Before Oracle 10 Gb, when we connect to the database in SHELL or JDBC, we need to enter the user name and password, and both are in plain text. Starting from 1OGR2, ORACLE provides the wallet tool to log on to the database without entering the user name and password, as shown below:
General situation: sqlplus scott/Oracle @ htzdg
After using wallet: sqlplus/@ htzdg
Test environment:
Server: solaris 10, Oracle 11gr2
Client: win 7, Oracle11gr2
Configure the tnsnames. ora file on the login end and add the following lines
HTZDG =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP) (HOST = 192.168.100.30) (PORT = 1521 ))
)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = htzdg)
)
)
Test whether Parsing is normal
C: \ Users \ luoping> tnsping htzdg
TNS Ping Utility for 32-bit Windows: Version 11.2.0.1.0-Production on 298-month-
21:40:40 2012
Copyright (c) 1997,201 0, Oracle. All rights reserved.
Used parameter files:
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ network \ admin \ sqlnet. ora
Alias resolved using TNSNAMES Adapter
Try to connect (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP) (HOST = 192.1
68.100.30) (PORT = 1521) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = h
Tzdg )))
OK (40 ms)
C: \ Users \ luoping>
The following describes how to configure wallet.
1. Create a wallet
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ pstore-create
Oracle Secret Store Tool: Version 11.2.0.1.0-Production
Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
Enter the password:
Enter the password again:
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> cd ../
D: \ app \ luoping \ product \ 11.2.0 \ client_1> cd pstore
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ pstore> dir
The volume in drive D is DATA
The serial number of the volume is the D60C-09BD
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ pstore directory
.
..
3,589 cwallet. sso
3,512 ewallet. p12
2 files in 7,101 bytes
2 directories, 368,717,893,632 available bytes
2. Start wallet and specify the wallet location
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ network \ admin> more sqlnet. ora
# Sqlnet. ora Network Configuration File: D: \ app \ luoping \ product \ 11.2.0 \ client_1 \
Network \ admin \ sqlnet. ora
# Generated by Oracle configuration tools.
# This file is actually generated by netca. But if MERs choose
# Install "Software Only", this file wont exist and without the native
# Authentication, they will not be able to connect to the database on NT.
SQLNET. AUTHENTICATION_SERVICES = (CNT)
NAMES. DIRECTORY_PATH = (TNSNAMES, EZCONNECT)
WALLET_LOCATION = (SOURCE = (METHOD = FILE) (METHOD_DATA = (DIRECTORY = D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ pstore )))
SQLNET. WALLET_OVERRIDE = TRUE
3. Add the name, user, and password of the network service to be logged on to wallet.
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl D: \ app \ luoping \ product \ 1
1.2.0 \ client_1 \ pstore-createCredential htzdg sys Oracle
Oracle Secret Store Tool: Version 11.2.0.1.0-Production
Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
Enter the Wallet password:
Create credential Oracle. security. client. connect_string1
4. Check whether the test is successful.
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> sqlplus/@ htzdg as sysdba
SQL * Plus: Release 11.2.0.1.0 Production on Wednesday August 29 17:48:27 2012
Copyright (c) 1982,201 0, Oracle. All rights reserved.
Connect:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0-64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
5. view the network service name configured in the wallet.
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl d: \ app \ luoping \ product \ 1
1.2.0 \ client_1 \ pstore-listCredential
Oracle Secret Store Tool: Version 11.2.0.1.0-Production
Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
Enter the Wallet password:
List credential (index: connect_string username)
1: htzdg sys
6. A network service name can correspond to only one user. If the number of users in the same database needs to be implemented through wallet in the same client, we need to create a network service name for each user.
The following is a test of a network service name. When two users are added, an error is returned.
C: \ Users \ luoping> mkstore-wrl D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ pstore-Re
AteCredential htzdg scott Oracle
Oracle Secret Store Tool: Version 11.2.0.1.0-Production
Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
Enter the Wallet password:
The key storage error occurs in Create credential: Oracle. security. pki. oraclesecretstore0000ti.
On: Credential already exists
7. After the password is changed, manually update the corresponding password in the wallet. Otherwise, an error is reported.
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> sqlplus/@ htzdg as sysdba
SQL * Plus: Release 11.2.0.1.0 Production on Wednesday August 29 17:45:56 2012
Copyright (c) 1982,201 0, Oracle. All rights reserved.
Connect:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0-64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
SQL> alter user sys identified by htz;
The user has changed.
SQL> exit
From Oracle Database 11g Enterprise Edition Release 11.2.0.1.0-64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options disconnected
Open
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> sqlplus/@ htzdg as sysdba
SQL * Plus: Release 11.2.0.1.0 Production on Wednesday August 29 17:46:25 2012
Copyright (c) 1982,201 0, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
Enter the User Name:
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl D: \ app \ luoping \ product \ 1
1.2.0 \ client_1 \ pstore-modifyCredential htzdg sys
Oracle Secret Store Tool: Version 11.2.0.1.0-Production
Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
Your key/password is missing from the command line
Enter your key/password:
Enter your key/password again:
Enter the Wallet password:
Modify credential
Modify 1
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN>
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl D: \ app \ luoping \ product \ 1
1.2.0 \ client_1 \ pstore-modifyCredential htzdg sys
Oracle Secret Store Tool: Version 11.2.0.1.0-Production
Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
Your key/password is missing from the command line
Enter your key/password:
Enter your key/password again:
Enter the Wallet password:
Modify credential
Modify 1
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN>
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> sqlplus/@ htzdg as sysdba
SQL * Plus: Release 11.2.0.1.0 Production on Wednesday August 29 17:48:27 2012
Copyright (c) 1982,201 0, Oracle. All rights reserved.
Connect:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0-64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL>
8. manually delete records in the wallet
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore-wrl d: \ app \ luoping \ product \ 1
1.2.0 \ client_1 \ pstore-deleteCredential htzdg
Oracle Secret Store Tool: Version 11.2.0.1.0-Production
Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
Enter the Wallet password:
Delete credential
Delete 1
9. mkstore Command help manual
D: \ app \ luoping \ product \ 11.2.0 \ client_1 \ BIN> mkstore
Oracle Secret Store Tool: Version 11.2.0.1.0-Production
Copyright (c) 2004,200 9, Oracle and/or its subsidiaries. All rights reserved.
Mkstore [-wrl] [-create] [-createSSO] [-createLSSO] [-createALO] [-delete] [
-DeleteSSO] [-list] [-createEntry alias secret] [-viewEntry alias] [-modifyEntry
Alias secret] [-deleteEntry alias] [-createCredential connect_string username p
Assword] [-listCredential] [-modifyCredential connect_string username password]
[-DeleteCredential connect_string] [-help] [-nologo]