iSQL*PLUS的配置等:
环境:WINXP+Oracle10.2.0.1.0
1. 更改iSQLPLUS的启动端口:
$ORACLE_HOME/oc4j/j2ee/isqlplus/config 下的http-web-site.xml文件中的port
步骤:
关闭服务:isqlplus stop
更改端口
启动服务:isqlplus start
2. 更改日志级别:
使用的是Log4j
$ORACLE_HOME/oc4j/j2ee/oc4j_applications/applications/isqlplus/isqlplus/WEB-INF/classes
下的log4j.properties中修改。
日志文件位于:
$ORACLE_HOME/oc4j/j2ee/isqlplus/application-deployments/isqlplus/application.log
帮助的日志记录在:
$ORACLE_HOME/oc4j/j2ee/isqlplus/application-deployments/isqlplushelp/application.log
3. 变更session的有效期:
在
$ORACLE_HOME/oc4j/j2ee/oc4j_applications/applications/isqlplus/isqlplus/WEB-INF
下的web.xml文件中。
设置:
<session-config>
<session-timeout>15</session-timeout>
</session-config>
为分钟状态。
4. 限制登陆的:
在Edit the
$ORACLE_HOME/oc4j/j2ee/oc4j-applications/applications/isqlplus/isqlplus/WEB-INF/web.xml
file to restrict database access to iSQL*Plus users
设置方式:
Connection identifiers are case insensitive, and each connection identifier listed in the argument should be identical to an alias in the tnsnames.ora file.
Once set, all connections made through the Login screen, all dynamic reports and any connections attempted with the CONNECT command are refused unless the connection is to one of the databases in the restricted list. Similarly, if SET INSTANCE is used, the connection identifier defined must match an entry in iSQLPlusConnectIdList or the connection is refused
设置<init-param>
<param-name>iSQLPlusConnectIdList</param-name>
<param-value>ora10g;ora9i</param-value>
参数,其中的<param-value>代表$ORACLE_HOME/network/admin/tnsnames.ora中的名字,只能从下拉框选择。
如果<param-value>没有设置值,那么可以手动输入SID。
5. 设置isqlplus的dba的链接
To access the iSQL*Plus DBA URL, you must set up the OC4J user manager. You can set up OC4J to use:
· The XML-based provider type, jazn-data.xml
· The LDAP-based provider type, Oracle Internet Directory
You need to stop the iSQL*Plus Application Server to enable iSQL*Plus DBA access.
建立的步骤:
1. Create users for the iSQL*Plus DBA URL.
2. Grant the webDba role to users.
3. Restart the iSQL*Plus server after making any changes to the JAZN authentication file, jazn-data.xml. The JAZN authentication file is changed when you use the JAZN admin tool to set up users for the iSQL*Plus DBA URL.
4. Test iSQL*Plus DBA Access.
管理用户,首先启动:JAZN shell
进入目录:
cd %ORACLE_HOME%/oc4j/j2ee/isqlplus/application-deployments/isqlplus
执行:
java -Djava.security.properties=%ORACLE_HOME%/sqlplus/admin/iplus/provider -jar %ORACLE_HOME%/oc4j/j2ee/home/jazn.jar -user "iSQL*Plus DBA/admin" -password welcome -shell
官方文档给出的启动:
$JAVA_HOME/bin/java -Djava.security.properties=$ORACLE_HOME/oc4j/j2ee/home/config/jazn.security.props -jar $ORACLE_HOME/oc4j/j2ee/home/jazn.jar -user "iSQL*Plus DBA/admin" -password admin_password -adduser "iSQL*Plus DBA" username password
管理用户:(大小写敏感)
listusers 查询全部用户
listusers "iSQL*Plus DBA" 查看这个组的用户
adduser "iSQL*Plus DBA" xiyou xiyou 添加新用户,用户名 密码
setpasswd "iSQL*Plus DBA" xiyou xiyou xiyou 更改用户密码,用户 原密码 新密码
remuser "iSQL*Plus DBA" hello 删除用户
grantrole webDba "iSQL*Plus DBA" xiyou赋予权限
revokerole webDba "iSQL*Plus DBA" xiyou回收权限
查出的角色:
JAZN:> listroles
iSQL*Plus DBA/webDba
iSQL*Plus DBA/admin
登陆:http://machine_name.domain:5560/isqlplus/dba
6.使用SSL进行安全连接iSQL*Plus
产生键值对:
Use the keytool utility to generate the keypair (public and private keys), and a keystore (database) to store the keypair:
$JAVA_HOME/bin/keytool
Configure iSQL*Plus to run in SSL mode.
- Copy http-web-site.xml to secure-web-site.xml
2. cd $ORACLE_HOME/oc4j/j2ee/isqlplus/config cp http-web-site.xml secure-web-site.xml
- Edit secure-web-site.xml and set the port number, and add the attribute secure="true":
4. <web-site port="4443" secure="true" display-name="Oracle9iAS Containers for J2EE HTTP Web Site">
The port you use for iSQL*Plus in SSL mode can be any free port on your machine. In this example, it is set to port 4443. The default SSL port is 443.
- Add a new element to the web-site element in the secure-web-site.xml file.
6. <ssl-config keystore="/oracle/ora10g/oc4j/j2ee/keystore" keystore-password="123456" />
Note:
You can hide the password through password indirection. See Oracle Application Server Containers for J2EE Security Guide for a description of password indirection.
- Edit server.xml to refer to the secure-web-site.xml file:
8. <web-site default="true" path="./secure-web-site.xml" />
6. 导入sql,对一些浏览器的不支持,设置:
Some browsers may require you to set up a MIME type to be able to save scripts to
your local machine. If iSQL*Plus opens a new window when you click "Save Script"
on the Work screen instead of prompting you to enter a filename to save the script,
then set up a MIME type
application/vnd.oracle-isqlplus.script
and configure it to allow you to save to disk. Also add
application/vnd.oracle-isqlplus.output
to allow you to use the Save to file option accessed through the Interface Options
screen of iSQL*Plus.