Oracle如何限制某个IP段只能某些用户访问
如下触发器可以实现并且若有不符合的用户登录会将信息记录到警告日志:
1 CREATE OR REPLACE TRIGGER logon_check_ip_user AFTER logoN ON DATABASE 2 DECLARE 3 error1 exception; 4 ip varchar2(60) := null; 5 user varchar2(60) := null; 6 l_message varchar2(2000); 7 BEGIN 8 SELECT sys_context('USERENV', 'IP_ADDRESS'), 9 sys_context('USERENV' ,'AUTHENTICATED_IDENTITY') 10 into ip, user 11 from dual; 12 if ip = '192.168.1.40' AND upper(user) not in ('ZKM1','ZKM2') then 13 select 'Illegal login attempt to the "' || 14 sys_context('USERENV', 'AUTHENTICATED_IDENTITY') || '" schema' || 15 ' using ' || sys_context('USERENV', 'AUTHENTICATION_TYPE') || 16 ' authentication' || ' at ' || 17 to_char(logon_time, 'dd-MON-yy hh24:mi:ss') || ' from ' || osuser || '@' || 18 machine || ' [' || 19 nvl(sys_context('USERENV', 'IP_ADDRESS'), 'UnkNown IP') || ']' || 20 ' via the "' || program || '" program.' 21 into l_message 22 from sys.v_$session 23 where sid = to_number(substr(dbms_session.unique_session_id, 1, 4), 'xxxx') 24 and serial# = to_number(substr(dbms_session.unique_session_id, 5, 4), 'xxxx'); 25 raise error1; 26 end if; 27 exception 28 WHEN error1 THEN 29 sys.dbms_system .ksdwrt( 2,l_message ); 30 raise_application_error(num => -20001,msg =>'Illegal login,permission denied! '); 31 WHEN others THEN 32 raise_application_error(num => -20001,msg =>'Illegal login,permission denied! '); 33 END; 34 /
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
