support/notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
notes/wallet/wallet_01.txt
Valeriu PLESNILA 26296b6d6a 2026-03-12 21:01:38
2026-03-12 22:01:38 +01:00

107 lines
3.1 KiB
Plaintext
Raw Permalink Blame History

-- http://www.br8dba.com/store-db-credentials-in-oracle-wallet/
-- https://franckpachot.medium.com/19c-ezconnect-and-wallet-easy-connect-and-external-password-file-8e326bb8c9f5
# create 2 users in a PDB
alter session set container=NIHILUS;
show con_name
show pdbs
grant create session to WOMBAT identified by "CuteAnimal99#";
grant create session to OTTER identified by "CuteAnimal@88";
# create directory for tnsnames.ora
export TNS_ADMIN=/home/oracle/tmp/tns
mkdir -p ${TNS_ADMIN}
# add TNS alias in $TNS_ADMIN/tnsnames.ora
WOMBAT_NIHILUS=(DESCRIPTION=
(CONNECT_DATA=
(SERVICE_NAME=NIHILUS)
)
(ADDRESS=
(PROTOCOL=tcp)
(HOST=bakura)
(PORT=1521)
)
)
OTTER_NIHILUS=(DESCRIPTION=
(CONNECT_DATA=
(SERVICE_NAME=NIHILUS)
)
(ADDRESS=
(PROTOCOL=tcp)
(HOST=bakura)
(PORT=1521)
)
)
# test connections using TNS alias
sqlplus /nolog
connect WOMBAT/"CuteAnimal99#"@WOMBAT_NIHILUS
connect OTTER/"CuteAnimal@88"@OTTER_NIHILUS
# add following lines in $TNS_ADMIN/sqlnet.ora
WALLET_LOCATION=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/home/oracle/tmp/wdir)))
SQLNET.WALLET_OVERRIDE=TRUE
# create wallet
export MY_WALLET_DIR=/home/oracle/tmp/wdir
mkdir -p ${MY_WALLET_DIR}
orapki wallet create -wallet ${MY_WALLET_DIR} -auto_login
# files generated in ${MY_WALLET_DIR}
# check for 600 permissions on all theses files, otherwise the connection using the wallet will not work
ewallet.p12.lck
ewallet.p12
cwallet.sso.lck
cwallet.sso
# add credentials
mkstore -wrl ${MY_WALLET_DIR} -createCredential WOMBAT_NIHILUS WOMBAT "CuteAnimal99#"
mkstore -wrl ${MY_WALLET_DIR} -createCredential OTTER_NIHILUS OTTER "CuteAnimal@88"
# list wallet credentials
mkstore -wrl ${MY_WALLET_DIR} -listCredential
# update or delete entery
mkstore -wrl ${MY_WALLET_DIR} -modifyCredential WOMBAT_NIHILUS WOMBAT "CuteAnimal99#"
mkstore -wrl ${MY_WALLET_DIR} -deleteCredential OTTER_NIHILUS
# test connection using wallet
sqlplus /@WOMBAT_NIHILUS
show user
sqlplus /@OTTER_NIHILUS
show user
# NOTES
# if we want to store in the same wallet passwords of multiple users, we should use multiple TNS alias because the TNS alias is an unique key in the wallet
# if the wallet has bee created with -auto_login option, the wallet password is required to add/modify/delete/list wallet credentials
# but it is not required to establish connections
# using ezConnect
#################
# basicly, when using ezConnect we have the same "TNS alias", ex: //bakura:1521/NIHILUS
# how to add multiples credentials? using dummy ezConnect parameter introduced in 19c:
# https://franckpachot.medium.com/19c-easy-connect-e0c3b77968d7
# in our case we will add a dummy parameter "ConnectAs" in order to crerate distinct ezStrings depending by username
mkstore -wrl ${MY_WALLET_DIR} -createCredential //bakura:1521/NIHILUS?ConnectAs=WOMBAT WOMBAT "CuteAnimal99#"
mkstore -wrl ${MY_WALLET_DIR} -createCredential //bakura:1521/NIHILUS?ConnectAs=OTTER OTTER "CuteAnimal@88"
sqlplus /@//bakura:1521/NIHILUS?ConnectAs=WOMBAT
show user
sqlplus /@//bakura:1521/NIHILUS?ConnectAs=OTTER
show user
Reference in New Issue View Git Blame Copy Permalink