iSQL*Plus的配置

iSQL*PLUS的配置等：

環境：WINXP+Oracle10.2.0.1.0

1.       更改ｉＳＱＬＰＬＵＳ的啓動端口：

$ORACLE_HOME/oc4j/j2ee/isqlplus/config　下的http-web-site.xml文件中的port<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />

步驟：

關閉服務：isqlplus stop

更改端口

啓動服務：isqlplus start

 

2.      更改日誌級別：

使用的是Log4j

$ORACLE_HOME/oc4j/j2ee/oc4j_applications/applications/isqlplus/isqlplus/WEB-INF/classes

下的log4j.properties中修改。

日誌文件位於：

幫助的日誌記錄在：

 

3.       變更session的有效期：

下的web.xml文件中。

設置：

<session-config>

      <session-timeout>15</session-timeout>

   </session-config>

爲分鐘狀態。

 

4.       限制登陸的：

在Edit the

$ORACLE_HOME/oc4j/j2ee/oc4j-applications/applications/isqlplus/isqlplus/WEB-INF/web.xml

file to restrict database access to iSQL*Plus users

設置方式：

Connection identifiers are case insensitive, and each connection identifier listed in the argument should be identical to an alias in the tnsnames.ora file.

Once set, all connections made through the Login screen, all dynamic reports and any connections attempted with the CONNECT command are refused unless the connection is to one of the databases in the restricted list. Similarly, if SET INSTANCE is used, the connection identifier defined must match an entry in iSQLPlusConnectIdList or the connection is refused

設置<init-param>

         <param-name>iSQLPlusConnectIdList</param-name>

            <param-value>ora10g;ora9i</param-value>

參數,其中的<param-value>代表$ORACLE_HOME/network/admin/tnsnames.ora中的名字，只能從下拉框選擇。

如果<param-value>沒有設置值，那麼可以手動輸入SID。

 

5.       設置isqlplus的dba的鏈接

To access the iSQL*Plus DBA URL, you must set up the OC4J user manager. You can set up OC4J to use:

·         The XML-based provider type, jazn-data.xml

·         The LDAP-based provider type, Oracle Internet Directory

You need to stop the iSQL*Plus Application Server to enable iSQL*Plus DBA access.

建立的步驟：

1.     Create users for the iSQL*Plus DBA URL.

2.     Grant the webDba role to users.

3.     Restart the iSQL*Plus server after making any changes to the JAZN authentication file, jazn-data.xml. The JAZN authentication file is changed when you use the JAZN admin tool to set up users for the iSQL*Plus DBA URL.

4.     Test iSQL*Plus DBA Access.

管理用戶，首先啓動：JAZN shell

進入目錄：

cd %ORACLE_HOME%/oc4j/j2ee/isqlplus/application-deployments/isqlplus

執行：

java -Djava.security.properties=%ORACLE_HOME%/sqlplus/admin/iplus/provider -jar %ORACLE_HOME%/oc4j/j2ee/home/jazn.jar -user "iSQL*Plus DBA/admin" -password welcome -shell

官方文檔給出的啓動：

 

管理用戶：（大小寫敏感）

listusers 查詢全部用戶

listusers "iSQL*Plus DBA" 查看這個組的用戶

adduser "iSQL*Plus DBA" xiyou xiyou 添加新用戶，用戶名 密碼

setpasswd "iSQL*Plus DBA" xiyou xiyou xiyou 更改用戶密碼，用戶 原密碼 新密碼

remuser "iSQL*Plus DBA" hello 刪除用戶

grantrole webDba "iSQL*Plus DBA" xiyou賦予權限

revokerole webDba "iSQL*Plus DBA" xiyou回收權限

 

查出的角色：

JAZN:> listroles

iSQL*Plus DBA/webDba

iSQL*Plus DBA/admin

 

 

6.使用SSL進行安全連接iSQL*Plus

產生鍵值對：

Use the keytool utility to generate the keypair (public and private keys), and a keystore (database) to store the keypair:

 

Configure iSQL*Plus to run in SSL mode.

1. Copy http-web-site.xml to secure-web-site.xml

2.         cd $ORACLE_HOME/oc4j/j2ee/isqlplus/config cp http-web-site.xml secure-web-site.xml

3. Edit secure-web-site.xml and set the port number, and add the attribute secure="true":

4.         <web-site port="4443" secure="true" display-name="Oracle9iAS Containers for J2EE HTTP Web Site">

The port you use for iSQL*Plus in SSL mode can be any free port on your machine. In this example, it is set to port 4443. The default SSL port is 443.

5. Add a new element to the web-site element in the secure-web-site.xml file.

6.         <ssl-config keystore="/oracle/ora10g/oc4j/j2ee/keystore" keystore-password="123456" />

Note:

You can hide the password through password indirection. See Oracle Application Server Containers for J2EE Security Guide for a description of password indirection.

7. Edit server.xml to refer to the secure-web-site.xml file:

8.         <web-site default="true" path="./secure-web-site.xml" />

 

6.       導入sql，對一些瀏覽器的不支持，設置：

Some browsers may require you to set up a MIME type to be able to save scripts to

your local machine. If iSQL*Plus opens a new window when you click "Save Script"

on the Work screen instead of prompting you to enter a filename to save the script,

then set up a MIME type

application/vnd.oracle-isqlplus.script

and configure it to allow you to save to disk. Also add

application/vnd.oracle-isqlplus.output

to allow you to use the Save to file option accessed through the Interface Options

screen of iSQL*Plus.