Monday, June 27, 2011

Secure External Password Store or SSO or password wallet

Secure External Password Store or SSO or password wallet
------------------------------------------------------------

see here:-

http://download.oracle.com/docs/cd/B19306_01/network.102/b14266/cnctslsh.htm#i1006413

examples:-

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Administrator>mkstore
mkstore [-wrl wrl] [-create] [-createSSO] [-createALO] [-delete] [-deleteSSO] [-
list] [-createEntry alias secret] [-viewEntry alias] [-modifyEntry alias secret]
[-deleteEntry alias] [-help]

C:\Documents and Settings\Administrator>mkstore -wrl G:\app\Administrator\produc
t\11.1.0\db_1\NETWORK\ADMIN\ -create
Enter password:

Invalid Password....
PASSWORD_POLICY : Passwords must have a minimum length of eight characters and
contain alphabetic characters combined with numbers or special characters.
Enter password:

Invalid Password....
PASSWORD_POLICY : Passwords must have a minimum length of eight characters and
contain alphabetic characters combined with numbers or special characters.

C:\Documents and Settings\Administrator>mkstore -wrl G:\app\Administrator\produc
t\11.1.0\db_1\NETWORK\ADMIN\ -create
Enter password:

Enter password again:


C:\Documents and Settings\Administrator>
C:\Documents and Settings\Administrator>
C:\Documents and Settings\Administrator>cd ..

C:\Documents and Settings>cd ..

C:\>
C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ -create
Credential test123 stlbas stlbas
Enter wallet password:

Create credential oracle.security.client.connect_string1

C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ -create
Credential test123 sys sys
Enter wallet password:

Create credential Secret Store error occured: oracle.security.pki.OracleSecretSt
oreException: Credential already exists

C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ -create
Credential atm19 sys sys
Enter wallet password:

Create credential oracle.security.client.connect_string2

C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ -create
Credential report39 sys reportsys
Enter wallet password:

Create credential oracle.security.client.connect_string3

C:\>
C:\>
C:\>conn sys@report39
'conn' is not recognized as an internal or external command,
operable program or batch file.

C:\>sqplus /nolog
'sqplus' is not recognized as an internal or external command,
operable program or batch file.

C:\>
C:\>sqlplus /nolog

SQL*Plus: Release 11.1.0.6.0 - Production on Mon Jun 27 14:02:48 2011

Copyright (c) 1982, 2007, Oracle. All rights reserved.

SQL>
SQL> conn /@report39
ERROR:
ORA-01017: invalid username/password; logon denied


SQL> conn sys@report39
Enter password:
ERROR:
ORA-01017: invalid username/password; logon denied


SQL>
SQL> conn / @atm19
ERROR:
ORA-01017: invalid username/password; logon denied


SQL> conn / @test123
Connected.
SQL>
SQL> show user
USER is "STLBAS"
SQL>
SQL> conn sys@test123
Enter password:
ERROR:
ORA-01005: null password given; logon denied


Warning: You are no longer connected to ORACLE.
SQL> conn / @test123
Connected.
SQL>
SQL>
SQL> conn / @test123
Connected.
SQL>
SQL>
SQL>
SQL> conn / @test123
Connected.
SQL>
SQL>
SQL> conn / @test123
Connected.
SQL> select host_name from v$instance ;

HOST_NAME
----------------------------------------------------------------
TESTDB

SQL> conn / @test123
Connected.
SQL>
SQL>
SQL> exit
Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.3.0 - Pr
oduction
With the Partitioning, OLAP and Data Mining options

C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ -listCr
edential
Enter wallet password:

List credential (index: connect_string username)
3: report39 sys
2: atm19 sys
1: test123 stlbas

C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ -delete
Credential atm19
Enter wallet password:

Delete credential
Delete 2

C:\>
C:\>
C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ -listCr
edential
Enter wallet password:

List credential (index: connect_string username)
3: report39 sys
1: test123 stlbas

C:\>
C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ -create
Credential atm19 atmutl atmutl
Enter wallet password:

Create credential oracle.security.client.connect_string2

C:\>
C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ -create
Credential atm19 stlbas stlbas
Enter wallet password:

Create credential Secret Store error occured: oracle.security.pki.OracleSecretSt
oreException: Credential already exists

C:\>
C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\sso\ -cr
eateCredential atm19 stlbas stlbas
Enter wallet password:

Could not open wallet. Wallet not found at G:\app\Administrator\product\11.1.0\d
b_1\NETWORK\ADMIN\sso\ewallet.p12

C:\>
C:\>
C:\>
C:\>
C:\>
C:\>
C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ssowalle
t\ -create
Enter password:

Enter password again:


C:\>
C:\>
C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\sso\ -cr
eateCredential atm19 stlbas stlbas
Enter wallet password:

Could not open wallet. Wallet not found at G:\app\Administrator\product\11.1.0\d
b_1\NETWORK\ADMIN\sso

C:\>
C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ssowalle
t\ -createCredential atm19 stlbas stlbas
Enter wallet password:

Create credential oracle.security.client.connect_string1

C:\>
C:\>
C:\>
C:\>mkstore -wrl G:\app\Administrator\product\11.1.0\db_1\NETWORK\ADMIN\ssowalle
t\ -createCredential test123 sys sys
Enter wallet password:

Create credential oracle.security.client.connect_string2

C:\>
C:\>
C:\>
C:\>
C:\>sqlplus /nolog

SQL*Plus: Release 11.1.0.6.0 - Production on Mon Jun 27 14:28:06 2011

Copyright (c) 1982, 2007, Oracle. All rights reserved.

SQL> conn /@test123
Connected.
SQL>
SQL>
SQL> show user
USER is "STLBAS"
SQL>
SQL> conn /@test123
Connected.
SQL>
SQL>

No comments: