ORACLE概要文件PROFILE

    ORACLE概要文件是Oracle为了合理的分配和使用系统资源而提出的概念，就是一份描述如何使用系统资源的配置文件。当DBA在创建一个用户的时候，Oracle会自动的为该用户创建一个相关联的缺省概要文件。概要文件中包含一组约束条件和配置项，它可以限制允许用户使用的资源。
   
    下面是创建概要文件的语法：
create_profile::=

1. CREATE PROFILE profile
   
2.    LIMIT { resource_parameters
   
3.          | password_parameters
   
4.          }...
   
5. ;

resource_parameters ::=

1. { { SESSIONS_PER_USER
   
2.   | CPU_PER_SESSION
   
3.   | CPU_PER_CALL
   
4.   | CONNECT_TIME
   
5.   | IDLE_TIME
   
6.   | LOGICAL_READS_PER_SESSION
   
7.   | LOGICAL_READS_PER_CALL
   
8.   | COMPOSITE_LIMIT
   
9.   }
   
10.   { integer | UNLIMITED | DEFAULT }
    
11. | PRIVATE_SGA
    
12.   { size_clause | UNLIMITED | DEFAULT }
    
13. }

password_parameters  ::=

1. { { FAILED_LOGIN_ATTEMPTS
   
2.   | PASSWORD_LIFE_TIME
   
3.   | PASSWORD_REUSE_TIME
   
4.   | PASSWORD_REUSE_MAX
   
5.   | PASSWORD_LOCK_TIME
   
6.   | PASSWORD_GRACE_TIME
   
7.   }
   
8.   { expr | UNLIMITED | DEFAULT }
   
9. | PASSWORD_VERIFY_FUNCTION
   
10.   { function | NULL | DEFAULT }
    
11. }

从以上语法可以看出，概要文件通过是 限制数据库系统相关的资源 和 数据库口令及验证 相关的限制 
1.限制数据库系统相关资源的参数（ resource_parameters）

SESSIONS_PER_USER ：         Specify the number of concurrent sessions to which you want to limit the user（指定你想限制的并发用户的数量）.     CPU_PER_SESSION  ：         Specify the CPU time limit for a session, expressed in hundredth of seconds.（定义一个会话占用的cup时钟限制，单位是在1/100秒内），当达到这个限制，用户不能在此会话中操作，此时必须先断开，再进行连接）     CPU_PER_CALL  ：         Specify the CPU time limit for a call (a parse, execute, or fetch), expressed in hundredths of seconds.（每次调用的CPU时钟限制，调用包含解析、执行命令和获取数据等等，单位是1/100秒内， 当达到限制时，该语句报错结束 ）     CONNECT_TIME ：         Specify the total elapsed time limit for a session, expressed in minutes.（指定一个会话最长连接时间，单位是分钟。一个会话的连接时间超过指定时间之后，Oracle会自动的断开连接）     IDLE_TIME ：         Specify the permitted periods of continuous inactive time during a session, expressed in minutes. Long-running queries and other operations are not subject to this limit.（指定一个会话的最长空闲时间，单位是分钟，长时间的查询和其他操作不受此限制。如果一个会话处于空闲状态超过指定时间，Oracle会自动断开连接）     LOGICAL_READS_PER_SESSION         Specify the permitted number of data blocks read in a session, including blocks read from memory and disk.（指定每个会话可以读取的最大数据块数量，数据块包括逻辑块和物理块）     LOGICAL_READS_PER_CALL         Specify the permitted number of data blocks read for a call to process a SQL statement (a parse, execute, or fetch). （每次执行一个SQL语句最大可以调用的数据块数量）     PRIVATE_SGA         Specify the amount of private space a session can allocate in the shared pool of the system global area (SGA). Refer to size_clause for information on that clause.（在SGA的共享池中为每个会话指定私有空间的最大容量） Note: This limit applies only if you are using shared server architecture. The private space for a session in the SGA includes private SQL and PL/SQL areas, but not shared SQL and PL/SQL areas.     COMPOSITE_LIMIT          Specify the total resource cost for a session, expressed in service units. Oracle Database calculates the total service units as a weighted sum  ofCPU_PER_SESSION, CONNECT_TIME, LOGICAL_READS_PER_SESSION, and PRIVATE_SGA.（每个会话的资源成本限制）

2. 数据库用户口令及验证的相关参数（password_parameters）

Use the following clauses to set password parameters. Parameters that set lengths of time—that is, all the password parameters exceptFAILED_LOGIN_ATTEMPTS and PASSWORD_REUSE_MAX—are interpreted in number of days. For testing purposes you can specify minutes (n/1440) or even seconds (n/86400) for these parameters. You can also use a decimal value for this purpose (for example .0833 for approximately one hour). The minimum value is 1 second. The maximum value is 24855 days. For FAILED_LOGIN_ATTEMPTS and PASSWORD_REUSE_MAX, you must specify an integer.     FAILED_LOGIN_ATTEMPTS      Specify the number of consecutive failed attempts to log in to the user account before the account is locked. If you omit this clause, then the default is 10 times.     指定连续登录错误的最大次数，超过这个次数，该账户就会被锁定，默认为10次     PASSWORD_LIFE_TIME      Specify the number of days the same password can be used for authentication. If you also set a value for PASSWORD_GRACE_TIME, then the password expires if it is not changed within the grace period, and further connections are rejected. If you omit this clause, then the default is 180 days.     指定密码的最长有效期；如果设置了 PASSWORD_GRACE_TIME，如果过了这个值设置的宽限期，还没有改密码，密码将会过期；如果你忽略了设置 PASSWORD_LIFE_TIME的值，默认将是180天 See Also: Oracle Database Security Guide for information on setting PASSWORD_LIFE_TIME to a low value     PASSWORD_REUSE_TIME and PASSWORD_REUSE_MAX      These two parameters must be set in conjunction with each other. PASSWORD_REUSE_TIME specifies the number of days before which a password cannot be reused. PASSWORD_REUSE_MAX specifies the number of password changes required before the current password can be reused. For these parameter to have any effect, you must specify a value for both of them.         PASSWORD_REUSE_TIME 和 PASSWORD_REUSE_MAX 必须联合起来使用，     PASSWORD_REUSE_TIME指定口令被更改后，原有口令要隔多少天才能被重新使用，     PASSWORD_REUSE_MAX指定口令被更改多少次后，原有口令才能被重新使用  If you specify a value for both of these parameters, then the user cannot reuse a password until the password has been changed the number of times specified for PASSWORD_REUSE_MAX during the number of days specified for PASSWORD_REUSE_TIME. For example, if you specify PASSWORD_REUSE_TIME to 30 and PASSWORD_REUSE_MAX to 10, then the user can reuse the password after 30 days if the password has already been changed 10 times. If you specify a value for either of these parameters and specify UNLIMITED for the other, then the user can never reuse a password. If you specify DEFAULT for either parameter, then Oracle Database uses the value defined in the DEFAULT profile. By default, all parameters are set to UNLIMITED in the DEFAULT profile. If you have not changed the default setting of UNLIMITED in the DEFAULT profile, then the database treats the value for that parameter as UNLIMITED. If you set both of these parameters to UNLIMITED, then the database ignores both of them. This is the default if you omit both parameters.     PASSWORD_LOCK_TIME      Specify the number of days an account will be locked after the specified number of consecutive failed login attempts. If you omit this clause, then the default is 1 day.     因账户被连续的登录失败后锁定，该参数指定锁定的时间，单位为天，默认值为1天     PASSWORD_GRACE_TIME      Specify the number of days after the grace period begins during which a warning is issued and login is allowed. If you omit this clause, then the default is 7 days.     口令修改的宽限天数，当宽限期开始时，会在登录时提示一个警告，默认值为7天     PASSWORD_VERIFY_FUNCTION      The PASSWORD_VERIFY_FUNCTION clause lets a PL/SQL password complexity verification script be passed as an argument to the CREATEPROFILE statement. Oracle Database provides a default script, but you can create your own routine or use third-party software instead.     指定用于判断口令复杂度的函数 For function, specify the name of the password complexity verification routine. Specify NULL to indicate that no password verification is performed.

来自 “ ITPUB博客 ” ，链接：http://blog.itpub.net/30150152/viewspace-1537418/，如需转载，请注明出处，否则将追究法律责任。

转载于:http://blog.itpub.net/30150152/viewspace-1537418/