[20170111]设置无需口令登录数据库2.txt

[20170111]设置无需口令登录数据库2.txt

--//上午测试无需口令登录数据库，这样连接数据库使用sqlplus /@book ,这样实际上通过网络连接数据库，哪怕是在本机也是这样。
--//思考一下是否绕过。
--//前面测试链接：http://blog.itpub.net/267265/viewspace-2132220/

1.环境：
SCOTT@book> @ &r/ver1

PORT_STRING                    VERSION        BANNER
------------------------------ -------------- --------------------------------------------------------------------------------
x86_64/Linux 2.4.xx            11.2.0.4.0     Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production

2.分析2种连接方式：
$ rlsql scott/book
...
SCOTT@book> @ &r/spid
       SID    SERIAL# SPID       PID  P_SERIAL# C50
---------- ---------- ------ ------- ---------- --------------------------------------------------
        12       2075 49033       25        213 alter system kill session '12,2075' immediate;

$ ps -ef | grep 4903[3]
oracle   49033 49032  0 14:50 ?        00:00:00 oraclebook (DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=beq)))
                                                                                             ~~~~~~~~~~~~~~
--//可以发现本地使用PROTOCOL=beq。(LOCAL=YES)

--//通过网络连接数据库。
$ rlsql /@book as sysdba
...
SYS@book> @ &r/spid

       SID    SERIAL# SPID       PID  P_SERIAL# C50
---------- ---------- ------ ------- ---------- --------------------------------------------------
        24       1631 49055       26        214 alter system kill session '24,1631' immediate;

$ ps -ef | grep 4905[5]
oracle   49055     1  0 14:52 ?        00:00:00 oraclebook (LOCAL=NO)
--//通过网络连接数据库,(LOCAL=NO)

3.突然想起我配置IPC协议模式,顺便补习一些概念：
http://www.orafaq.com/wiki/IPC

IPC (Inter Process Communications) is a SQL*Net protocol similar to the BEQ protocol in that it is only used for local
connections (when client and server programs reside on the same system). IPC can be used to establish Dedicated Server
and Shared Server connections. A listener is required to make IPC connections.
--//从介绍看依旧需要网络，只不过仅仅支持本机连接。

--//检查监听配置：
$ cat listener.ora
# listener.ora Network Configuration File: /u01/app/oracle/product/11.2.0.4/dbhome_1/network/admin/listener.ora
# Generated by Oracle configuration tools.

#SUBSCRIBE_FOR_NODE_DOWN_EVENT_LISTENER=OFF

SID_LIST_LISTENER =
   (SID_LIST =
    (SID_DESC =
      (SDU=32767)
      (GLOBAL_DBNAME = book)
      (ORACLE_HOME = /u01/app/oracle/product/11.2.0.4/dbhome_1)
      (SID_NAME = book)
      )
    )

LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = TCP)(HOST = 127.0.0.1)(PORT = 1521)(RATE_LIMIT=YES))
      (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.100.78)(PORT = 1521)(RATE_LIMIT=YES))
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
    )
  )

ADR_BASE_LISTENER = /u01/app/oracle
#DIAG_ADR_ENABLED_LISTENER=OFF
USE_NS_PROBES_FOR_DCD=true
#DYNAMIC_REGISTRATION_LISTENER = off
INBOUND_CONNECT_TIMEOUT_LISTENER=100
CONNECTION_RATE_LISTENER=5

--//在tnsnames.ora中配置加入：
78IPC =
(DESCRIPTION =
        (ADDRESS = (PROTOCOL = IPC)(KEY=EXTPROC1521))
        (CONNECT_DATA =
                (SERVER = DEDICATED)
#                (SID = book)
                (SERVICE_NAME = book)
        )
)

--//执行如下测试：
sqlplus scott/book@78ipc
sqlplus scott/book@(DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1521))(CONNECT_DATA=(SERVER=DEDICATED)(SID=book)(SERVICE_NAME=book)))
sqlplus scott/book@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.100.78)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=book)(UR=A)(INSTANCE_NAME=book)(SERVER=DEDICATED)))

--//以上测试ok。如何使用beq连接数据库呢，指配置连接串。
--//google,百度N久，做了许多尝试，最终配置如下通过，在tnsnames.ora中加入:
--//参考链接:http://www.freelists.org/post/oracle-l/Perfomrance-Issue-When-using-BEQ-protocol

78BEQ =
  (DESCRIPTION =
    (ADDRESS=(PROTOCOL=BEQ)(PROGRAM =oracle)(ARGV0=oraclebook)
    (ARGS='(DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=BEQ)))')
    (ENVS ='ORACLE_SID=book,ORACLE_HOME=/u01/app/oracle/product/11.2.0.4/dbhome_1'))
  )

sqlplus scott/book@(DESCRIPTION=(ADDRESS=(PROTOCOL=BEQ)(PROGRAM=oracle)(ARGV0=oraclebook)(ARGS='(DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=BEQ)))')(ENVS='ORACLE_SID=book,ORACLE_HOME=/u01/app/oracle/product/11.2.0.4/dbhome_1)))

--//测试通过:
$ rlsql scott/book@78beq
SCOTT@78beq> @ &r/spid

       SID    SERIAL# SPID       PID  P_SERIAL# C50
---------- ---------- ------ ------- ---------- --------------------------------------------------
        12       2091 53815       25        221 alter system kill session '12,2091' immediate;

$ ps -ef | grep 5381[5]
oracle   53815     1  0 09:08 ?        00:00:00 oraclebook (DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=BEQ)))

--//很明显这样配置是使用PROTOCOL=BEQ.继续测试:

$ mkstore -wrl /u01/app/oracle/admin/wallets -createCredential 78beq scott book
Oracle Secret Store Tool : Version 11.2.0.4.0 - Production
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
Create credential oracle.security.client.connect_string2

$ rlsql /@78beq
SQL*Plus: Release 11.2.0.4.0 Production on Thu Jan 12 09:10:48 2017
Copyright (c) 1982, 2013, Oracle.  All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SCOTT@78beq> show user
USER is "SCOTT"

SCOTT@78beq> @ &r/spid

       SID    SERIAL# SPID       PID  P_SERIAL# C50
---------- ---------- ------ ------- ---------- --------------------------------------------------
        24       2281 53872       26        192 alter system kill session '24,2281' immediate;

$ ps -fp 53872
UID        PID  PPID  C STIME TTY          TIME CMD
oracle   53872     1  0 09:10 ?        00:00:00 oraclebook (DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=BEQ)))

--//探究纯属无聊...^_^.