oracle10G下在isqlplus中启用sys账户

时间：2010-06-24 来源：longe

isqlplus登录方式：
http://sun1:5560/isqlplus
http://sun1:5560/isqlplus/dba ORACLE 10G默认情况下不允许使用sys等dba用户web方式登录isqlplus
要以DBA身份登陆isqlplus，需要配置oc4j用户。
配置文件：
$ORACLE_HOME/oc4j/j2ee/isqlplus/application-deployments/isqlplus/config/jazn-data.xml
需要通过JAZN(Java AuthoriZatioN)来配置。JAZN是oracle提供的一个JASS(Java Authentication and Authorization Service)工具. 如何进入JAZN命令环境注意：必须在$ORACLE_HOME/oc4j/j2ee/isqlplus/application-deployments/isqlplus目录中执行命令，否则会出现下面的错误：oracle.security.jazn.JAZNRuntimeException: Configuration file "configjazn.xml" does not exist. Check your JAAS configuration settings.或者Realm [iSQL*Plus DBA] does not exist in system. $ pwd
$ORACLE_HOME/oc4j/j2ee/isqlplus/application-deployments/isqlplus $ java -Djava.security.properties=$ORACLE_HOME/sqlplus/admin/iplus/provider -jar $ORACLE_HOME/oc4j/j2ee/home/jazn.jar -user "iSQL*Plus DBA/admin" -password welcome -shell JAZN:> listusers
iSQL*Plus DBA/admin JAZN:> adduser "iSQL*Plus DBA" jilong longalna  \\ 创建新的iSQL*Plus DBA用户“jilong”
JAZN:> grantrole webDba "iSQL*Plus DBA" jilong  \\ 授予webDba权限
JAZN:>
JAZN:> listusers
iSQL*Plus DBA/jilong
iSQL*Plus DBA/admin 启停isqlplus应用服务器
isqlplusctl stop
isqlplusctl start 登录isqlplus dba页面 http://sun1:5560/isqlplus/dba，输入新添加的用户（注意这里不是数据库用户，而是isqlplus应用服务器要求的用户和密码。）登录后即可使用sys等dba用户登录数据库
JAZN中其他相关命令：
JAZN:> revokerole webDba "iSQL*Plus DBA" user_name     \\撤销用户登陆isqlplus DBA的权限
JAZN:> setpasswd "iSQL*Plus DBA" user_name old_password new_password \\修改用户密码
JAZN:> remuser "iSQL*Plus DBA" user_name      \\删除用户 $ORACLE_HOME/oc4j/j2ee/isqlplus/application-deployments/isqlplus/config/ jazn-data.xml 文件用户信息部分:
(password为加密方式，只能通过JAZN修改，admin默认password为“welcome”) 
<jazn-realm>
        <realm>
                <name>iSQL*Plus DBA</name>
                <users>
                        <user>
                                <name>admin</name>
                                <display-name>Realm Administrator</display-name>
                                <description>Administrator for this realm.</description>
                                <credentials>{903}ubtKEVZPHqBXthQMG2Pi5mnwWzjLlPHX</credential
s>
                        </user>
                        <user>
                                <name>jilong</name>
                                <credentials>{903}3lT/T+Y0+6tCjiTdch4ei1boHx/2+4je</credential
s>
                        </user>
                </users>
                <roles>
                        <role>
                                <name>admin</name>
                                <display-name>Realm Admin Role</display-name>
                                <description>Administrative role for this realm.</description>
                                <members>
                                        <member>
                                                <type>user</type>
                                                <name>admin</name>
                                        </member>
                                </members>
                        </role>
                        <role>
                                <name>webDba</name>
                                <members>
                                        <member>
                                                <type>user</type>
                                                <name>jilong</name>
                                        </member>
                                </members>
                        </role>
                </roles>
        </realm>
</jazn-realm>