OS_AUTHENT_PREFIXspecifies a prefix that Oracle uses to authenticateusers attempting to connect to the server. Oracle concatenates the value of this parameter to the beginning of the user's operating system account name and password. When a connection request is attempted, Oracle compares the prefixed username with Oracleusernames in the database.
The default value of this parameter isOPS$for backward compatibility with previous versions. However, you might prefer to set the prefix value to "" (a null string), thereby eliminating the addition of any prefix to operatingsystem account names.
Note:
The text of theOS_AUTHENT_PREFIXparameteris case sensitive on some operating systems.
OCP试题中有一道题,考察此知识点:
The database instance has the following parameter setting:
You have a local operating system user SKD. You create a database user OPS$SKD, and then
assign external authentication. The user OPS$SKD has the CREATE SESSION privilege. Whatwould you achieve by the above process?
A.The database user OPS$SKD will be able to administer the database.
B.The authentication detail for the database user OPS$SKD is recorded in the password file.
C.The local operating system user SKD will be able to access the database instance withoutspecifying the username and password.
D.The database user OPS$SKD has to login with the password of the local operating system userSKD to access the database instance.
The answer is C
实验:
SQL> select * from v$version;
BANNER
--------------------------------------------------------------------------------
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production
PL/SQL Release 11.2.0.1.0 - Production
CORE 11.2.0.1.0 Production
TNS for Linux: Version 11.2.0.1.0 - Production
NLSRTL Version 11.2.0.1.0 - Production
[oracle@yjgocp ~]$ sqlplus / as sysdba
SQL*Plus: Release 11.2.0.1.0 Production on Thu Jun 6 10:34:25 2013
Copyright (c) 1982, 2009, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> show parameter os_auth
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
os_authent_prefix string OPS$
remote_os_authent boolean FALSE
--创建ops$开头的用户,并启用外部验证;
SQL> create user ops$oracle identified byexternally;
User created.
SQL> select username,password,account_status from dba_users;
USERNAME PASSWORD ACCOUNT_STATUS
------------------------------ ------------------------------ --------------------------------
RC_OCP OPEN
U_TP6 OPEN
V_USER1 OPEN
U_1 OPEN
GYJ OPEN
SCOTT OPEN
OPS$ORACLE OPEN
SQL> grant connect to ops$oracle;
Grant succeeded.
SQL> shutdown immediate;
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> startup;
ORACLE instance started.
Total System Global Area 422670336 bytes
Fixed Size 1336960 bytes
Variable Size 348129664 bytes
Database Buffers 67108864 bytes
Redo Buffers 6094848 bytes
Database mounted.
Database opened.
[oracle@yjgocp ~]$ id
uid=500(oracle) gid=500(oinstall) groups=500(oinstall),501(dba)
[oracle@yjgocp ~]$ sqlplus /
SQL*Plus: Release 11.2.0.1.0 Production on Thu Jun 6 10:32:10 2013
Copyright (c) 1982, 2009, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> show user;
USER is "OPS$ORACLE"
REMOTE_OS_AUTHENT
PropertyDescriptionParameter typeBooleanDefault valuefalseModifiableNoRange of valuestrue | false
REMOTE_OS_AUTHENTspecifies whether remote clients will be authenticatedwith the value of theOS_AUTHENT_PREFIXparameter.
Note:
TheREMOTE_OS_AUTHENTparameter is deprecated. It is retained for backward compatibility only.
参数REMOTE_OS_AUTHENT用来控制是否允许远端操作系统验证。默认为false,该参数也只是为了向前兼容,如果按照下面的设置,
那么也会像本地操作体统用户一样不用用户名密码就可以访问实例;风险大,不建议使用;
ALTERSYSTEM SET REMOTE_OS_AUTHENT = TRUE SCOPE = SPFILE;
QQ群⑧:
窥视卡
雷达卡
发表于 2016-7-26 11:34:49
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡