BC remote Oracle DBA - Call (800) 766-1884
Free Oracle Tips

Oracle Consulting Oracle Training Development
Oracle Training
SQL Tuning Consulting
Oracle Tuning Consulting
Data Warehouse Consulting
Oracle Project Management
Oracle Security Assessment
Unix Consulting
Burleson Books
Burleson Articles
Burleson Web Courses
Burleson Qualifications
Oracle Internals Magazine
Oracle Links
Oracle Monitoring
Remote Support Benefits
Remote Plans & Prices
Our Automation Strategy
What We Monitor
Oracle Apps Support
Print Our Brochure
Contact Us (e-mail)
Oracle Job Opportunities
Oracle Consulting Prices





   

 

SQL Server Support

SQL Server  Monitoring

SQL Server Health Checks

Oracle tuning

Remote DBA

Oracle training

Oracle support

Remote Oracle

Oracle Disaster

Oracle Training

Dress Code

Oracle Tuning

Remote Oracle Support

RAC consulting
 

 
 

 

 

Oracle Secure External Password Store

Oracle Tips by Burleson Consulting

This is an excerpt from "Oracle 10g New Features for Administrators" by Ahmed Baraka.


• Username and password credentials for connecting to databases can now be stored in a client-side Oracle wallet, a secure software container used to store authentication and signing credentials.

• When this feature is configured, application code, batch jobs, and scripts no longer need embedded user names and passwords.

Note: You cannot use Oracle Wallet Manager to manage credentials in external password store of the wallet.

Instead, you can use the command-line utility mkstore. The username and password for the following command are obtained from the wallet. The auto login feature of this wallet is turned on so the system does not need a password to open the wallet.

connect /@db_connect_string

To enable clients to use the external password store:

1. Create an auto login wallet on the client by using the following syntax at the command     line:

mkstore -wrl <wallet_location> -create

2. Create database connection credentials in the wallet by using the following syntax at the     command line:

mkstore -wrl <wallet_location> -
createCredential <db_connect_string> <username>
<password>

3. In the client sqlnet.ora file:

WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = <wallet_location>)
)
)

4. To override external authentication, such as Windows native authentication or Secure Sockets Layer (SSL), in the client sqlnet.ora file:

SQLNET.WALLET_OVERRIDE = TRUE

Managing External Password Store Credentials

To list the contents of the external password store:

mkstore -wrl <wallet_location> -listCredential

To add database login credentials to an existing client wallet:

mkstore -wrl <wallet_location> -
createCredential <db_alias> <username>
<password>

To modify database login credentials in a wallet:

mkstore -wrl <wallet_location> -
modifyCredential <dbase_alias> <username>
<password>

To delete database login credentials from a wallet:

mkstore -wrl <wallet_location> -
deleteCredential <db_alias>

Connect Role Privilege Reduction

The connect role privilege reduction feature reduces the number of privileges granted to the connect role to one, the CREATE SESSION privilege.

 
If you like Oracle tuning, see the book "Oracle Tuning: The Definitive Reference", with 950 pages of tuning tips and scripts. 

You can buy it direct from the publisher for 30%-off and get instant access to the code depot of Oracle tuning scripts.

Download your Oracle scripts now:

www.oracle-script.com

The definitive Oracle Script collection for every Oracle professional DBA

 
 


 

Free Oracle dictionary reference poster

BC Oracle support

Oracle books by Rampant

Oracle monitoring software

North Carolina Oracle Users Group

 

 Arabian horse breeder

Seeing eye horses

 

 

BC Remote Oracle Support
P.O. Box 511 • Kittrell, NC, 27544

Copyright © 2007 by Burleson Enterprises, Inc. All rights reserved.

Hit Counter