Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:01,370 --> 00:00:04,250
In this lesson, we'll
be looking at profiles.
2
00:00:04,250 --> 00:00:10,050
So a profile is a resource limit
that can be assigned to a user.
3
00:00:10,050 --> 00:00:14,430
To create a profile, we'll use
the CREATE PROFILE command.
4
00:00:14,430 --> 00:00:17,760
And to change it, to
alter the limits for it,
5
00:00:17,760 --> 00:00:19,800
we use ALTER PROFILE.
6
00:00:19,800 --> 00:00:23,820
So there are two types of
profiles that we can use
7
00:00:23,820 --> 00:00:27,010
or at least two sets
of resource limits.
8
00:00:27,010 --> 00:00:30,090
The first type is
password limits,
9
00:00:30,090 --> 00:00:33,750
so these are the limitations
on password behavior,
10
00:00:33,750 --> 00:00:37,420
such as the length of time
that a password can be active,
11
00:00:37,420 --> 00:00:39,480
how many times it
can be changed,
12
00:00:39,480 --> 00:00:42,960
how much time needs to expire
before the password could
13
00:00:42,960 --> 00:00:45,560
be changed, so on and so forth.
14
00:00:45,560 --> 00:00:47,800
And also system resource
limits-- and these
15
00:00:47,800 --> 00:00:49,240
are a little different.
16
00:00:49,240 --> 00:00:52,420
System resource
limits apply to things
17
00:00:52,420 --> 00:00:58,240
like CPU usage and memory usage,
so we can actually assign these
18
00:00:58,240 --> 00:01:02,140
to a profile and assign
that profile to a user
19
00:01:02,140 --> 00:01:04,690
to limit the amount
of system resources
20
00:01:04,690 --> 00:01:07,730
that they can actually use.
21
00:01:07,730 --> 00:01:11,620
So some examples of
password limits--
22
00:01:11,620 --> 00:01:13,720
FAILED-LOGIN_ATTEMPTS,
so this is
23
00:01:13,720 --> 00:01:15,610
the number of times
an account can
24
00:01:15,610 --> 00:01:19,180
fail the login before it locks.
25
00:01:19,180 --> 00:01:22,450
So if we set
FAILED_LOGIN_ATTEMPTS to 5
26
00:01:22,450 --> 00:01:25,870
and the user attempted
to log in five
27
00:01:25,870 --> 00:01:28,030
times with the
incorrect password,
28
00:01:28,030 --> 00:01:29,960
the account would lock.
29
00:01:29,960 --> 00:01:33,050
PASSWORD_LOCK_TIME
is the amount of time
30
00:01:33,050 --> 00:01:37,490
that the account stays locked
after failed login attempts has
31
00:01:37,490 --> 00:01:38,690
been reached.
32
00:01:38,690 --> 00:01:41,450
So we've probably
seen situations
33
00:01:41,450 --> 00:01:44,390
where you log into
the web application
34
00:01:44,390 --> 00:01:46,550
and incorrect password.
35
00:01:46,550 --> 00:01:48,920
It stays locked for a
certain period of time,
36
00:01:48,920 --> 00:01:51,710
and then you're able to go
in later and try it again.
37
00:01:51,710 --> 00:01:55,160
So that's the same kind of
thing that PASSWORD_LOCK_TIME
38
00:01:55,160 --> 00:01:56,900
is a limit over.
39
00:01:56,900 --> 00:01:59,600
PASSWORD_LIFE_TIME
is the amount of time
40
00:01:59,600 --> 00:02:03,470
that a password can be active
before it must be changed.
41
00:02:03,470 --> 00:02:06,950
PASSWORD_REUSE_TIME
is the amount of time
42
00:02:06,950 --> 00:02:10,190
that must pass before a
password can be reused.
43
00:02:10,190 --> 00:02:13,610
And PASSWORD_REUSE_MAX
is the number of times
44
00:02:13,610 --> 00:02:17,840
that a password must be changed
before it can be reused.
45
00:02:17,840 --> 00:02:20,060
And then
PASSWORD_VERIFY_FUNCTION
46
00:02:20,060 --> 00:02:21,650
is an interesting limit.
47
00:02:21,650 --> 00:02:24,740
PASSWORD_VERIFY_FUNCTION
can be assigned
48
00:02:24,740 --> 00:02:28,940
to a PL/SQL function
that will check
49
00:02:28,940 --> 00:02:31,410
the complexity of the password.
50
00:02:31,410 --> 00:02:36,980
So if we want our passwords
to be say 12 characters long
51
00:02:36,980 --> 00:02:41,180
and have a combination of
uppercase and lowercase letters
52
00:02:41,180 --> 00:02:44,270
and numbers, and maybe
some special characters
53
00:02:44,270 --> 00:02:47,720
in the password to
ensure complexity,
54
00:02:47,720 --> 00:02:51,590
that can all be created in
a PASSWORD_VERIFY_FUNCTION.
55
00:02:51,590 --> 00:02:54,320
And Oracle actually
includes an example function
56
00:02:54,320 --> 00:02:59,950
that is easy to modify in
order to put this in place.
57
00:02:59,950 --> 00:03:03,010
The other type of limits in
a profile or system resource
58
00:03:03,010 --> 00:03:04,330
limits.
59
00:03:04,330 --> 00:03:07,370
We can look at things
like SESSIONS_PER_USER.
60
00:03:07,370 --> 00:03:09,460
So this is the
number of sessions
61
00:03:09,460 --> 00:03:12,040
that a individual user
can have connected
62
00:03:12,040 --> 00:03:14,450
to the database at any one time.
63
00:03:14,450 --> 00:03:17,140
So this limits
behavior, such as where
64
00:03:17,140 --> 00:03:20,350
people log in with
one session in a tool,
65
00:03:20,350 --> 00:03:24,550
and then log in another and
another, and different windows
66
00:03:24,550 --> 00:03:27,330
running operations
against the database.
67
00:03:27,330 --> 00:03:31,300
CPU_PER_SESSION is the
amount of CPU cycles
68
00:03:31,300 --> 00:03:33,820
that can be used
in a given session
69
00:03:33,820 --> 00:03:37,600
before that session is no
longer allowed to use CPU
70
00:03:37,600 --> 00:03:40,330
and effectively
will give an error.
71
00:03:40,330 --> 00:03:43,600
So CPU_PER_SESSION
is kind of not
72
00:03:43,600 --> 00:03:46,060
used probably as
much these days.
73
00:03:46,060 --> 00:03:49,180
Oracle has other ways of
doing resource management that
74
00:03:49,180 --> 00:03:51,190
are better than profiles.
75
00:03:51,190 --> 00:03:54,340
CPU_PER_SESSION and some
of the system resource
76
00:03:54,340 --> 00:03:56,680
limits kind of
hearken back to a time
77
00:03:56,680 --> 00:04:01,390
when there were more
constraints on resources
78
00:04:01,390 --> 00:04:03,160
in database servers.
79
00:04:03,160 --> 00:04:08,590
In order to pass allowed as
much of that resource as it can,
80
00:04:08,590 --> 00:04:12,080
we had limits like
CPU_PER_SESSION.
81
00:04:12,080 --> 00:04:14,180
IDLE_TIME is a
system resource limit
82
00:04:14,180 --> 00:04:17,450
that is used pretty frequently
and is a good security
83
00:04:17,450 --> 00:04:18,470
practice.
84
00:04:18,470 --> 00:04:21,080
IDLE_TIME specifies
the amount of time
85
00:04:21,080 --> 00:04:23,120
that a session can
be idle before it
86
00:04:23,120 --> 00:04:24,630
would be disconnected.
87
00:04:24,630 --> 00:04:27,350
So you may have seen situations
in applications where you've
88
00:04:27,350 --> 00:04:29,930
connected, and then
not done anything
89
00:04:29,930 --> 00:04:33,200
in the session for a period
of time, and then timed out.
90
00:04:33,200 --> 00:04:35,560
Web applications
often do this as well.
91
00:04:35,560 --> 00:04:38,480
And so that's how
IDLE_TIME functions.
92
00:04:38,480 --> 00:04:40,940
CONNECT_TIME is
the amount of time
93
00:04:40,940 --> 00:04:43,490
that a session can be
connected to the database
94
00:04:43,490 --> 00:04:46,170
before it's forcibly
disconnected.
95
00:04:46,170 --> 00:04:49,850
So this limits people from
running a continual session
96
00:04:49,850 --> 00:04:53,240
for a long period of time
perhaps with bad SQL statement
97
00:04:53,240 --> 00:04:55,200
or something of that nature.
98
00:04:55,200 --> 00:04:56,390
And then COMPOSITE_LIMIT.
99
00:04:56,390 --> 00:04:59,510
COMPOSITE_LIMIT is
a resource limit
100
00:04:59,510 --> 00:05:03,720
that allows us to take a number
of different resource limits,
101
00:05:03,720 --> 00:05:06,080
such as CPU_PER_SESSION
and some of the limits
102
00:05:06,080 --> 00:05:08,900
that deal with memory
and form them together
103
00:05:08,900 --> 00:05:11,600
into a composite overall limit.
104
00:05:11,600 --> 00:05:14,480
So you manage that
part of it, and then
105
00:05:14,480 --> 00:05:17,000
if that COMPOSITE_LIMIT
is reached
106
00:05:17,000 --> 00:05:21,320
in terms of usage of CPU,
and memory, and other limits,
107
00:05:21,320 --> 00:05:25,610
then the session is
disconnected or gives an error.
108
00:05:25,610 --> 00:05:29,180
So let's look at
creating a profile.
109
00:05:29,180 --> 00:05:32,720
Want to open the
system connection.
110
00:05:32,720 --> 00:05:37,770
Creating a profile is going to
require system admin rights.
111
00:05:37,770 --> 00:05:55,830
We say create profile, and then
we begin specifying our limits
112
00:05:55,830 --> 00:05:59,630
and as many limits as
we wish to specify.
113
00:05:59,630 --> 00:06:03,590
So now that profile
has been created.
114
00:06:03,590 --> 00:06:07,150
If we wish to alter the
profile, we use alter profile.
115
00:06:10,060 --> 00:06:13,390
failed_login_attempts-- 5.
116
00:06:16,170 --> 00:06:18,120
Keep the limit keyword in their.
117
00:06:20,630 --> 00:06:22,430
Now when we want
to see information
118
00:06:22,430 --> 00:06:25,260
about a given profile
and its limits,
119
00:06:25,260 --> 00:06:29,150
we select from dba_profiles.
120
00:06:31,970 --> 00:06:34,220
Profile equals
the profile name--
121
00:06:41,020 --> 00:06:42,250
dba_profiles.
122
00:06:45,570 --> 00:06:48,000
So a number of the
resources, such as COMPOSITE
123
00:06:48,000 --> 00:06:51,590
and SESSIONS_PER_USER,
we've left to the default.
124
00:06:51,590 --> 00:06:53,880
And then others, such as
FAILED_LOGIN_ATTEMPTS attempts
125
00:06:53,880 --> 00:06:56,720
and PASSWORD_LIFE_TIME,
we've set to values.
126
00:06:59,800 --> 00:07:04,060
Now when the Kara user logs
in, she has that profile,
127
00:07:04,060 --> 00:07:06,930
and those limits would
be assigned to her.
10243
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.