防止業務自身通過Oracle客戶端或第三方客戶端工具修改密碼,造成其他應用連接錯誤,防止數據庫因密碼延時驗證,出現Library cache lock等待事件。
適用版本:Oracle 11.2.0.4及以后版本
創建用戶hfxf并授予權限。
SYS@cdb19c >create user hfxf identified by Oracle_123;User created.SYS@cdb19c >grant connect,resource to hfxf;Grant succeeded.使用業務用戶hfxf登錄,嘗試修改自身密碼
[oracle@db19do01 ~]$ sqlplus hfxf/Oracle_123@hrpdbSQL*Plus: Release 19.0.0.0.0 - Production on Mon Sep 19 21:57:08 2022Version 19.3.0.0.0Copyright (c) 1982, 2019, Oracle. All rights reserved.Connected to:Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - ProductionVersion 19.3.0.0.0HFXF@hrpdb >show userUSER is "HFXF"HFXF@hrpdb >alter user hfxf identified by Oracle_456;User altered.HFXF@hrpdb >HFXF@hrpdb >passwordChanging password for HFXFOld password:New password:Retype new password:Password changedHFXF@hrpdb >業務用戶hfxf可以修改自身密碼創建密碼驗證的函數
SYS@cdb19c >CREATE OR REPLACE FUNCTION verify_function_false(username varchar2,password varchar2, old_password varchar2) RETURN boolean IS BEGIN if user not in ('SYS','SYSTEM') then -- customize this to allow any particular user by adding those users in this list of users. RETURN(FALSE); elsereturn true; end if; END;/ Function created.
創建profile并使用函數verify_function_false
SYS@cdb19c >CREATE PROFILE NO_CHANGE_PWD LIMIT PASSWORD_VERIFY_FUNCTION verify_function_false;Profile created.SYS@cdb19c >修改業務用戶profile
SYS@cdb19c >alter user hfxf profile NO_CHANGE_PWD;User altered.SYS@cdb19c >進行驗證,業務用戶hfxf已經不能修改自己密碼
[oracle@db19do01 ~]$ sqlplus hfxf/Oracle_789@hrpdbSQL*Plus: Release 19.0.0.0.0 - Production on Mon Sep 19 22:06:54 2022Version 19.3.0.0.0Copyright (c) 1982, 2019, Oracle. All rights reserved.Last Successful login time: Mon Sep 19 2022 22:06:19 +08:00Connected to:Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - ProductionVersion 19.3.0.0.0HFXF@hrpdb >alter user hfxf identified by Oracle_123;alter user hfxf identified by Oracle_123*ERROR at line 1:ORA-28221: REPLACE not specifiedHFXF@hrpdb >passwordChanging password for HFXFOld password:New password:Retype new password:ERROR:ORA-28003: password verification for the specified password failedPassword unchangedHFXF@hrpdb >-the end-
最后修改時間:2022-09-20 14:32:05
「喜歡這篇文章,您的關注和贊賞是給作者最好的鼓勵」
關注作者
【版權聲明】本文為墨天輪用戶原創內容,轉載時必須標注文章的來源(墨天輪),文章鏈接,文章作者等基本信息,否則作者和墨天輪有權追究責任。如果您發現墨天輪中有涉嫌抄襲或者侵權的內容,歡迎發送郵件至:contact@modb.pro進行舉報,并提供相關證據,一經查實,墨天輪將立刻刪除相關內容。
