此参数在目录 $ORACLE_HOME/network/admin/sqlnet.ora下。Oracle联机文档中对此参数的描述如下:
Purpose
Use the parameter SQLNET.AUTHENTICATION_SERVICES to enable one or more authentication services. If authentication has been installed, it is recommended that this parameter be set to either none or to one of the authentication methods.
Default
None
Values
Authentication Methods Available with Oracle Net Services:
None for no authentication methods, including Windows native operating system authentication (to use Windows native operating system authentication, set this parameter to nts). When SQLNET.AUTHENTICATION_SERVICES is set to none, a valid user name and password can be used to access the database.
all for all authentication methods
ntsfor Windows NT native authentication
Authentication Methods Available with Oracle Advanced Security:
kerberos5 for Kerberos authentication
radius for RADIUS authentication
dcegssapi for DCE GSSAPI authentication
For example, for all clients and servers using Kerberos authentication, the sqlnet.ora parameter must be set as follows:
SQLNET.AUTHENTICATION_SERVICES=(KERBEROS5)
若没有其他认证方式(Authentication Methods)的设置
A.在windows平台此值应设为 NTS 或 ALL 否则将无法使用操作系统认证登入数据库(conn / as sysdba),当然也可以设置为NONE或者不设置通过密码认证登入。
B.在Linux 平台此值应设为 NONE或者不对此参数进行设置,否则也将无法使用操作系统认证登入数据库。
设置此参数为ALL或者其他(如KERBEROS5)会得到如下错误
SQL> conn system/oracle@arron
ERROR:
ORA-12641: Authentication service failed to initialize 验证服务无法初始化
其他参考文件:
SQLNET.AUTHENTICATION_SERVICES= (NTS) 解释
(2)REMOTE_LOGIN_PASSWORDFILE
Sqlnet.authentication_services=... Take into effect after restart sqlplus.
Parameter REMOTE_LOGIN_PASSWORDFILE is a initialization parameter, and will take into effect after restart database.
Values:(oracle 11g release 1(11.1))
shared
One or more databases can use the password file. The password file can contain SYS as well as non-SYS users.
exclusive
The password file can be used by only one database. The password file can contain SYS as well as non-SYS users.
none
Oracle ignores any password file. Therefore, privileged users must be authenticated by the operating system.
Note:
When REMOTE_LOGIN_PASSWORDFILE is set to either exclusive or shared, but the password file does not exist, then the behavior is the same as setting REMOTE_LOGIN_PASSWORDFILE to none.
(oracle 10g release 2 (10.2))
REMOTE_LOGIN_PASSWORDFILE specifies whether Oracle checks for a password file.
Values:
NONE
Oracle ignores any password file. Therefore, privileged users must be authenticated by the operating system.
SHARED
One or more databases can use the password file. The password file can contain SYS as well as non-SYS users.
Note:
The value EXCLUSIVE is supported for backward compatibility. It now has the same behavior as the value SHARED.
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
