Limiting concurrent connections (Administration Tips)




Limiting concurrent connections by Users

Having Users make multiple connections to a database is a problem for a variety of reasons.
Firstly, it chews up resources. Each connection acquires (in dedicated server mode, at
least) a Server Process and a PGA – which means each connection starts using up memory
and CPU cycles, even if the session itself is sitting there doing nothing very strenuous.
Secondly, it’s a potential security issue: if a User is logged on 6 times, it is unlikely that
they can be physically present at all 6 workstations simultaneously, which means the ones
they aren’t at are wide-open to abuse by passing disgruntled employees.

It’s therefore a very good idea to limit the maximum number of concurrent connections a
User is permitted to make to a database, and the tool used to do that is the Resource
Profile, which has been around since at least Oracle 7.

A resource profile allows the DBA to limit a number of things that a User can do – for
example, a maximum connection time can be specified (e.g., 480 minutes, or 8 hours), or
a maximum idle time. But for our purposes, we can concentrate on the ability to limit the
number of sessions a User is permitted to have running at any one time. That’s governed
by a particular attribute of a resource profile, called SESSIONS_PER_USER.

Every User has a profile already, even if you’ve never been aware of it, or made use of the
fact. That profile is called ‘DEFAULT’, and is the one all Users acquire (by default!) when
first created, unless you specify another named profile.

A quick solution to the concurrent connections problem would thus involve simply editing
the DEFAULT profile, like this:

ALTER PROFILE DEFAULT LIMIT
SESSIONS_PER_USER 2;

… and that would then prevent all Users from ever acquiring more than 2 concurrent
sessions (although it will only take effect when they start re-connecting to the database).
Note that there is no equals sign between the attribute name and its setting.

A more subtle approach would be to allow some Users to make 3 connections, others to
create 5. For that sort of discrimination, you’ll need to create your own profiles, like this:

CREATE PROFILE BLAH3 LIMIT
SESSIONS_PER_USER 3;

CREATE PROFILE BLAH5 LIMIT
SESSIONS_PER_USER 5;

You then have to assign the right profile to the right user, like this:

ALTER USER FRED PROFILE BLAH3;
ALTER USER MARY PROFILE BLAH5;


… and so on.

Next time Fred tries to log on multiple times, he’ll get the following error message on his
fourth attempt:

ERROR: ORA-02391: EXCEEDED SIMULTANEOUS SESSIONS_PER_USER LIMIT


There is one extremely important point to know about resource profiles, however: they
take no effect whatsoever until you switch them on. That is, even though they have been
created, and properly assigned to all Users, no-one will have any connection limits until
you tell the database to actually start enforcing the limits. That’s done with the following
command:

ALTER SYSTEM SET RESOURCE_LIMIT=TRUE;


That switches on profile limits for the duration of the Instance, and for new connections
only. A more permanent fix is to edit your init.ora, and enter the line
resource_limit=true there. That way, every time you bounce the Instance, you’ll find
resource profile limits being enforced.

(Incidentally, any sessions a User already has running when you assign him the new profile
and switch resource limiting on with the ‘alter system’ command are counted against his
allowed total. So if a User already has 4 connections when you suddenly start limiting him
to just 3, he will immediately not be able to make a fifth connection. However, the
original 4 are not disconnected, and are allowed to proceed as normal).
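
To verify the setup described above, the following queries (an added example, not part of the original tip) check that RESOURCE_LIMIT is switched on and list each account's effective SESSIONS_PER_USER beside its current session count. They assume access to the DBA_USERS, DBA_PROFILES, V$PARAMETER and V$SESSION views and an Oracle release that accepts ANSI join syntax.

```sql
-- Added example: audit whether SESSIONS_PER_USER is actually enforced.

-- 1. Is enforcement switched on? VALUE must be TRUE, otherwise the
--    resource limits in every profile are ignored.
SELECT name, value
FROM   v$parameter
WHERE  name = 'resource_limit';

-- 2. Effective limit per account, next to its current session count.
--    A profile whose limit is the literal 'DEFAULT' inherits the value
--    set in the DEFAULT profile, so resolve that before comparing.
SELECT u.username,
       u.profile,
       DECODE(p.limit, 'DEFAULT', d.limit, p.limit) AS effective_limit,
       NVL(s.sessions, 0)                           AS current_sessions
FROM   dba_users u
       JOIN dba_profiles p
         ON p.profile = u.profile
        AND p.resource_name = 'SESSIONS_PER_USER'
       JOIN dba_profiles d
         ON d.profile = 'DEFAULT'
        AND d.resource_name = 'SESSIONS_PER_USER'
       LEFT JOIN (SELECT username, COUNT(*) AS sessions
                  FROM   v$session
                  WHERE  username IS NOT NULL   -- skip background processes
                  GROUP  BY username) s
         ON s.username = u.username
ORDER  BY current_sessions DESC, u.username;
```

Accounts whose effective_limit reads UNLIMITED have no cap at all, and a current_sessions value above the limit indicates sessions that were already open when the limit was applied.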




Copyright © Howard Rogers 2001, 10/18/2001
