Some times we need database connection from shell script stored on file system. This can be a security issue, if the script contains database connection credential. To nullify this problem oracle provide a solution called wallet. Oracle wallet is a client-side secure external password container where DB login credentials are stored. Using this shell scripts can connect to DB using the "/@db_alias" syntax.
Step 1 : Set location for wallet
we Like to put the wallet files in $ORACLE_HOME/network/admin. Thus the location will be '/oracle/product/11.2.0/dbhome_1/network/admin'. Add following lines to sqlnet.ora
WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/oracle/product/11.2.0/dbhome_1/network/admin)))
SQLNET.WALLET_OVERRIDE = TRUE
SSL_CLIENT_AUTHENTICATION = FALSE
SSL_VERSION = 0
Step 2: Set DB alias
Add the following lines to listerer.ora
ora_db =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = db1)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = ORA.DB1.ORACLE.COM) ) )
Step 3: Create Wallet
mkstore -wrl '/oracle/product/11.2.0/dbhome_1/network/admin' -create
You will ask to enter password. The password length must be 8+ containing alpha-numeric characters.
Step 4: Add database login credentials into wallet
mkstore -wrl '/oracle/product/11.2.0/dbhome_1/network/admin' -createCredential ora_db scott tiger
This will ask for password conformation and you shout give the same password which you gave when creating wallet.
Step 5: Listing credentials present in wallet
mkstore -wrl '/oracle/product/11.2.0/dbhome_1/network/admin' -listCredential
Step 6: Connect Db using wallet
sqlplus /@ora_db
No comments:
Post a Comment