1 Profiles
1)a profile is a named set of password and resource limits
2)Profiles are assigned to user by the create user or alter user command
3)can be enable or disable
4)can relate to the default profile.
2 Password Management
Password history,account locking,password expiration and aging ,password verificcation.
3Enabling Password Management
1)set up passwordd management by using profiles and assign them to users
2)lock unlock and expire accounts usign the create user or alter user
3)alwarys enforcing
e.g
create user test identified by test;
alter user test account lock;
alter user test account unlock;
alteer user test password expire;
4 Passowrd Account locking
FAIKED_LOGIN_ATTEMPS: number of failed login attemts before lockout of the account
PASSWORD_LOCK_TIME : number of days the account is locked after the specified number of failed login attemps
e.g
create profile profile1 limit
password_lock_time 1/1440 -- one muinuts
failed_login_attempts 3;
alter user test
profile profile1;
alter profile profile1 limit
passowrd_lock_time 1/24 --one hour
5 passowrd expiration and aging
passwowd_life_time lifetime of the passowrd in days after which the password expires(有效期)
password_grace_time grace period in days for changing the password after the first successful login afteer the password has expired(锁定期)
e.g
alter profile profile1 limit
password_life_time 2
password_grace_time 3;
6 password history
password_reuse_time:number of days before a passowrd and be resued
password _reuse_max:maxum number of times password can bee reused
e.g
alter profile profile1 limit
password_reuse_time 10
password_reuse_max 3;
7passowrd Verification(study latter)
8drop a profile
drop profile profile1 (cascade);
the user will use the default profile.it will take effect on the new session.
9 Resource Management
Resource mangement limits can be enforced at the session level,the call level or both
limits can be defined by profiles using the create profile command
enable resource limints with the
.resource_limit initialization parameter
alter system command
e.g
alter system set resource_limit=true;
10 setting a Resdource limits at session level
cup_per_session : total cpu time measured in hundredths of seconds (百分之一秒)
sessions_per_user: number of coucurrent sessions allowed for each username
connect_time:elapsed connect time measured in minutes
idle_time :periods of inactive time measured in minutes
logical_reads_per_session: number of data blocks
private_sga :measure in reads
e.g
alter profile profile1 limit
cpu_per_session 100000
connect_time 60
idle_time 5;
alter user test profile profile1
11 Setting Resource limits at call level
e.g
alter profile profile1
cpu_per_call 1000 -- cup time per call in
logical_reads_per_call --number of data balock that can be read per call
create profile develper_prof limit
session_per_user2
cpu_per_session 10000
idle_time 60
connect_time 480
12 Managing Resources using database resource manager
1)Provides the oracle server with more control over resorce management decisions
2)elements of database resorcee manager
resource consumer group
resourcee plan
resource allocation method
resource plan directives
3)dbms_resource_manager package is uerd to create and maintain elements
4)requires administer_resource_manager privilege
desc dbms_resoource_manager
13 0btaining password and resource limits informaiton
information about password and resource limits can be obtained by querying the data dictonary
dba_users
select * from users;
dba_profiles
select * from dba_profiles where profile='PROFILE1'