CREATE
OR REPLACE TRIGGER
sys.trg_work_log
AFTER
LOGON ON DATABASE
declare
v_program_name varchar2(200);
v_username varchar2(100);
v_ip varchar2(18);
v_error varchar2(1000);
begin
select
username,program,SYS_CONTEXT('USERENV','IP_ADDRESS')
into
v_username,v_program_name,v_ip
from
sys.v_$session where
AUDSID = SYS_CONTEXT('USERENV',
'SESSIONID');
if (upper(v_username)='TEST')
then
if (UPPER(v_program_name) =
'SQLPLUS.EXE')
then
if (v_ip = ('10.142.244.30'))
then
RAISE_APPLICATION_ERROR(-20001,'You are not allowed to connect to the database,err01');
end
if;
ELSE
RAISE_APPLICATION_ERROR(-20001,'不能使用sqlplus登陸');
end
if;
else
RAISE_APPLICATION_ERROR(-20001,'You are not allowed to connect to the database');
end
if;
END
;
/
本文探讨了在特定环境下通过SQL连接实现的安全策略,包括针对特定用户的IP限制、禁止使用特定程序登录,以及相应的错误处理机制,确保数据库访问的安全性和合规性。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
