iSQL*Plus的配置

iSQL*PLUS的配置等：

环境：WINXP+Oracle10.2.0.1.0

1.       更改ｉＳＱＬＰＬＵＳ的启动端口：

$ORACLE_HOME/oc4j/j2ee/isqlplus/config　下的http-web-site.xml文件中的port

步骤：

关闭服务：isqlplus stop

更改端口

启动服务：isqlplus start

 

2.      更改日志级别：

使用的是Log4j

$ORACLE_HOME/oc4j/j2ee/oc4j_applications/applications/isqlplus/isqlplus/WEB-INF/classes

下的log4j.properties中修改。

日志文件位于：

$ORACLE_HOME/oc4j/j2ee/isqlplus/application-deployments/isqlplus/application.log
   
   

帮助的日志记录在：

$ORACLE_HOME/oc4j/j2ee/isqlplus/application-deployments/isqlplushelp/application.log
   
   

 

3.       变更session的有效期：

在

$ORACLE_HOME/oc4j/j2ee/oc4j_applications/applications/isqlplus/isqlplus/WEB-INF
   
   

下的web.xml文件中。

设置：

<session-config>

      <session-timeout>15</session-timeout>

   </session-config>

为分钟状态。

 

4.       限制登陆的：

在Edit the

$ORACLE_HOME/oc4j/j2ee/oc4j-applications/applications/isqlplus/isqlplus/WEB-INF/web.xml

file to restrict database access to iSQL*Plus users

设置方式：

Connection identifiers are case insensitive, and each connection identifier listed in the argument should be identical to an alias in the tnsnames.ora file.

Once set, all connections made through the Login screen, all dynamic reports and any connections attempted with the CONNECT command are refused unless the connection is to one of the databases in the restricted list. Similarly, if SET INSTANCE is used, the connection identifier defined must match an entry in iSQLPlusConnectIdList or the connection is refused

设置<init-param>

         <param-name>iSQLPlusConnectIdList</param-name>

            <param-value>ora10g;ora9i</param-value>

参数,其中的<param-value>代表$ORACLE_HOME/network/admin/tnsnames.ora中的名字，只能从下拉框选择。

如果<param-value>没有设置值，那么可以手动输入SID。

 

5.       设置isqlplus的dba的链接

To access the iSQL*Plus DBA URL, you must set up the OC4J user manager. You can set up OC4J to use:

·         The XML-based provider type, jazn-data.xml

·         The LDAP-based provider type, Oracle Internet Directory

You need to stop the iSQL*Plus Application Server to enable iSQL*Plus DBA access.

建立的步骤：

1.     Create users for the iSQL*Plus DBA URL.

2.     Grant the webDba role to users.

3.     Restart the iSQL*Plus server after making any changes to the JAZN authentication file, jazn-data.xml. The JAZN authentication file is changed when you use the JAZN admin tool to set up users for the iSQL*Plus DBA URL.

4.     Test iSQL*Plus DBA Access.

管理用户，首先启动：JAZN shell

进入目录：

cd %ORACLE_HOME%/oc4j/j2ee/isqlplus/application-deployments/isqlplus

执行：

java -Djava.security.properties=%ORACLE_HOME%/sqlplus/admin/iplus/provider -jar %ORACLE_HOME%/oc4j/j2ee/home/jazn.jar -user "iSQL*Plus DBA/admin" -password welcome -shell

官方文档给出的启动：

$JAVA_HOME/bin/java -Djava.security.properties=$ORACLE_HOME/oc4j/j2ee/home/config/jazn.security.props -jar $ORACLE_HOME/oc4j/j2ee/home/jazn.jar -user "iSQL*Plus DBA/admin" -password admin_password -adduser "iSQL*Plus DBA" username password
    
    

 

管理用户：（大小写敏感）

listusers 查询全部用户

listusers "iSQL*Plus DBA" 查看这个组的用户

adduser "iSQL*Plus DBA" xiyou xiyou 添加新用户，用户名 密码

setpasswd "iSQL*Plus DBA" xiyou xiyou xiyou 更改用户密码，用户 原密码 新密码

remuser "iSQL*Plus DBA" hello 删除用户

grantrole webDba "iSQL*Plus DBA" xiyou赋予权限

revokerole webDba "iSQL*Plus DBA" xiyou回收权限

 

查出的角色：

JAZN:> listroles

iSQL*Plus DBA/webDba

iSQL*Plus DBA/admin

 

登陆：http://machine_name.domain:5560/isqlplus/dba
   
   

 

6.使用SSL进行安全连接iSQL*Plus

产生键值对：

Use the keytool utility to generate the keypair (public and private keys), and a keystore (database) to store the keypair:

$JAVA_HOME/bin/keytool
   
   

 

Configure iSQL*Plus to run in SSL mode.

1. Copy http-web-site.xml to secure-web-site.xml

2.         cd $ORACLE_HOME/oc4j/j2ee/isqlplus/config cp http-web-site.xml secure-web-site.xml

3. Edit secure-web-site.xml and set the port number, and add the attribute secure="true":

4.         <web-site port="4443" secure="true" display-name="Oracle9iAS Containers for J2EE HTTP Web Site">

The port you use for iSQL*Plus in SSL mode can be any free port on your machine. In this example, it is set to port 4443. The default SSL port is 443.

5. Add a new element to the web-site element in the secure-web-site.xml file.

6.         <ssl-config keystore="/oracle/ora10g/oc4j/j2ee/keystore" keystore-password="123456" />

Note:

You can hide the password through password indirection. See Oracle Application Server Containers for J2EE Security Guide for a description of password indirection.

7. Edit server.xml to refer to the secure-web-site.xml file:

8.         <web-site default="true" path="./secure-web-site.xml" />

 

6.       导入sql，对一些浏览器的不支持，设置：

Some browsers may require you to set up a MIME type to be able to save scripts to

your local machine. If iSQL*Plus opens a new window when you click "Save Script"

on the Work screen instead of prompting you to enter a filename to save the script,

then set up a MIME type

application/vnd.oracle-isqlplus.script

and configure it to allow you to save to disk. Also add

application/vnd.oracle-isqlplus.output

to allow you to use the Save to file option accessed through the Interface Options

screen of iSQL*Plus.