zoukankan      html  css  js  c++  java

  • Who is locking the DB account?

    Sometimes the database account is locket frequently. That is because someone was trying to login to the database with a wrong password.  So, you may want to find out the person and tell him/her to use a correct password. Below are the way to accomplish it.

    Before we start, you need to know you can enable audit to accomplish it. But audit may cause some performance issue, besides you need to reboot the database which is very inconvenient. So we will not use this way. We use trigger to do it.

    We are going to create a database trigger, this trigger will be fired when the invalid password error(1017) happen. After being fired it will record the corresponding information like username , host and so one. Below are the trigger body.

    1 CREATE OR REPLACE TRIGGER sys.logon_trigger
2 AFTER SERVERERROR ON DATABASE
3 BEGIN
4   IF (IS_SERVERERROR(1017)) THEN
5 INSERT INTO who_lck_account VALUES(SYS_CONTEXT(‘USERENV’, ‘AUTHENTICATED_IDENTITY’), SYS_CONTEXT(‘USERENV’, ‘HOST’),SYS_CONTEXT(‘USERENV’, ‘OS_USER’), SYS_CONTEXT(‘USERENV’, ‘IP_ADDRESS’),SYSDATE);
6 COMMIT;
7   END IF;
8 END;

    You may noticed that the trigger is using a table. So below are the DDL for that table.

    1 SQL> create table sys.who_lck_account
2   2  (
3   3  USERNAME VARCHAR2(30),
4   4  USERHOST VARCHAR2(128),
5   5  OSUSER VARCHAR2(28),
6   6  USERIP VARCHAR2(128),
7   7  TIMESTAMP DATE
8   8  );

    Ok. Try to login with a error password, you will find you a recorded in the table.

    For example, I login with scott and the wrong password.

        kramer[/export/home/oratop ] sqlplus scott/tig@c21upg10

    SQL*Plus: Release 10.2.0.3.0 – Production on Fri Mar 22 13:58:59 2013

    Copyright (c) 1982, 2006, Oracle.  All Rights Reserved.

    ERROR:
    ORA-01017: invalid username/password; logon denied

    Enter user-name: ^C

    Check the table who_lck_account.

        SQL> SELECT * FROM sys.who_lck_account;

    USERNAME   USERHOST             OSUSER               USERIP                       TIMESTAMP
    ———- ——————– ——————– —————————- —————————-
    scott      kramer             oratop               192.168.1.44                 2013-03-22 13:58:56
    scott      kramer             oratop               192.168.1.44                 2013-03-22 13:58:56
    scott      kramer             oratop               192.168.1.44                 2013-03-22 13:58:59
    scott      kramer             oratop               192.168.1.44                 2013-03-22 13:58:59
  • 相关阅读:
    java泛型详解
    一条sql语句搞定基于mysql的sql执行顺序的基本理解
    java深拷贝和浅拷贝
    Intelligent idea高效实用总结
    git工具的使用总结
    java注解详解
    实现业务系统中的用户权限管理设计篇
    有创业兴趣的来看看
    System.Web.HttpRequestValidationException:解决方法
    XMLHttpRequest 对象
  • 原文地址:https://www.cnblogs.com/kramer/p/2975872.html
Copyright © 2011-2022 走看看