Check user's password is valid or not in plsql
I need to check if a database user is valid.
I will allow users to change their passwords using the ALTER command, but before I do I want to validate t
-
I don't think Oracle database gives you an API for doing this. One kludge you could use would be to use a loopback database link to check it. Like this:
DECLARE p_username VARCHAR2 (30) := 'MMCP'; -- Change to the user whose password you are validating p_test_password VARCHAR2 (30) := 'NOT_MY_PASSWORD'; p_loopback_connection_string VARCHAR2(80) := 'ORCLQA'; -- Change this for your environment BEGIN BEGIN EXECUTE IMMEDIATE q'[drop database link password_test_loopback]'; EXCEPTION WHEN OTHERS THEN NULL; END; EXECUTE IMMEDIATE 'create database link password_test_loopback connect to "' || p_username || '" identified by "' || p_test_password || '" using ''' || p_loopback_connection_string || ''''; EXECUTE IMMEDIATE q'[SELECT * FROM dual@password_test_loopback]'; EXECUTE IMMEDIATE q'[drop database link password_test_loopback]'; dbms_output.put_line('Password is good'); EXCEPTION WHEN OTHERS THEN IF SQLCODE = -1017 THEN DBMS_OUTPUT.PUT_LINE('Password is wrong'); ELSE raise; END IF; END;More advanced options would be to find a way to use single signon / LDAP for your Oracle authentication. Then, your problem becomes -- how do I validate a username/password in my LDAP dictionary, which is much easier.
讨论(0) -
Any database user can change its own password. This isn't something you can rule over. This is how it works "by design". Privileges for given user inside the database is another story. This is where you as the dba can rule.
sys@XE> create user a identified by a; User created. Elapsed: 00:00:00.03 sys@XE> grant create session to a; Grant succeeded. sys@XE> @c a/a a@XE> alter user a identified by b; User altered. Elapsed: 00:00:00.03 a@XE> @c a/b a@XE>Your application tool will have to have a module for password management. Have a look at Tom's answer to this:
讨论(0)
加载中...
- 热议问题