Oracle11g、12c大量错误登陆尝试带来的数据库异常-创新互联

APPLIES TO:

10年积累的成都网站制作、成都网站设计、外贸营销网站建设经验,可以快速应对客户对网站的新想法和需求。提供各种问题对应的解决方案。让选择我们的客户得到更好、更有力的网络服务。我虽然不认识你,你也不认识我。但先网站制作后付款的网站建设流程,更有秀山土家族苗族免费网站建设让你可以放心的选择与我们合作。
Oracle Database - Enterprise Edition - Version 10.2.0.5 and later
Information in this document applies to any platform.

CAUSE

A hang is possible in earlier versions of RDBMS as a result of an unpublished bug fixed in the following versions:

    12.1.0.1 (Base Release)
    11.2.0.2 (Server Patch Set)
    11.1.0.7 Patch 42 on Windows Platforms
Document 9776608.8 Bug 9776608 - Hang from concurrent login to same account with a wrong password

Even with this fix, numerous failed logins attempts can cause row cache lock waits and/or library cache lock waits. 

This was reported in:

Bug 11742803 LOTS OF 'LIBRARY CACHE LOCK' DURING USER LOGON AUTHENTICATION
This was closed as not a bug because there is an intentional wait when a login fails.

SOLUTION

In Oracle 11g Release 11.1.0.7,  the wait is disabled unconditionally
In Oracle 11g Release 2 and higher, in order to disable the wait between login failures the event 28401 needs to be explicitly enabled:
The event can be set as follows:

alter system set event ="28401 TRACE NAME CONTEXT FOREVER, LEVEL 1" scope=spfile;

To unset the event, set as follows:
SQL> Alter system set event= '28401 trace name context off' scope=spfile ;

小结:
关于大量的并发的错误密码连接数据库可能会导致数据库hang、或者引起性能问题,对数据库的影响非常大,近期就遇到过这样的一个案例。当然Oracle本身这个特性是非常好的,但是在当下确实会遇到一些问题,大家可以使用event 28401禁用这个特性。但是最好是要从管理上解决掉这样的问题,从安全层面做好管控。

另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。


名称栏目:Oracle11g、12c大量错误登陆尝试带来的数据库异常-创新互联
URL链接:http://pwwzsj.com/article/dgseds.html