Документ создан: 13.03.2019

Profile: PASSWORD_VERIFY_FUNCTION.

Ради эксперимента создал функцию проверки сложности пароля:

profile_passwd_vrfy.sql
CREATE OR REPLACE FUNCTION profile_passwd_vrfy (in_username IN varchar2, in_new_password IN varchar2, in_old_password IN varchar2)
RETURN BOOLEAN AS
begin
    IF upper(in_new_password) = in_username then
        raise_application_error(-20001, 'Password can not be user name.');
    elsif in_new_password = in_old_password then
        raise_application_error(-20002, 'Password can not be identical to old password.');
    elsif NOT (regexp_like(in_new_password, '[A-Z]+') AND regexp_like(in_new_password, '[a-z]+') AND regexp_like(in_new_password, '\d+')) then
        raise_application_error(-20003, 'Password must contains numeric and alphabetical symbol in upper and lower.');
    elsif length(in_new_password) < 6 then
        raise_application_error(-20004, 'Password length can not be less than 6 symbols.');
    end IF;
    RETURN true;
end;

Функция не допускает длины пароля менее 6 символов, совпадение пароля с именем пользователя и со старым паролем. Кроме этого контролирует, чтобы пароль содержал символы и в верхнем, и в нижнем регистре и цифры.

Нужно назначить её профилю (у меня это был профиль "TEST"):

ALTER profile TEST LIMIT PASSWORD_VERIFY_FUNCTION PROFILE_PASSWD_VRFY;
> SELECT * FROM dba_profiles WHERE profile='TEST' AND resource_name='PASSWORD_VERIFY_FUNCTION';
 
PROFILE                        RESOURCE_NAME                  RESOURCE_TYPE                  LIMIT
------------------------------ ------------------------------ ------------------------------ ------------------------------
TEST                           PASSWORD_VERIFY_FUNCTION       PASSWORD                       PROFILE_PASSWD_VRFY

Пробуем создать пользователя:

> CREATE user utest IDENTIFIED BY ptest profile test;
CREATE user utest IDENTIFIED BY ptest profile test
*
ERROR at line 1:
ORA-28003: password verification FOR the specified password failed
ORA-20003: Password must contains numeric AND alphabetical symbol IN upper AND lower.
 
 
> CREATE user utest IDENTIFIED BY utest profile test;
CREATE user utest IDENTIFIED BY utest profile test
*
ERROR at line 1:
ORA-28003: password verification FOR the specified password failed
ORA-20001: Password can NOT be user name.
 
 
> CREATE user utest IDENTIFIED BY Utst1 profile test;
CREATE user utest IDENTIFIED BY Utst1 profile test
*
ERROR at line 1:
ORA-28003: password verification FOR the specified password failed
ORA-20004: Password length can NOT be less than 6 symbols.
 
 
> CREATE user utest IDENTIFIED BY Utest123 profile test;
 
User created.

Пробуем поменять пароль на тот же самый:

UTEST@XE (35)> password
Changing password FOR UTEST
Old password:
New password:
Retype new password:
ERROR:
ORA-28003: password verification FOR the specified password failed
ORA-20002: Password can NOT be identical TO old password.
 
 
Password unchanged
 
Top.Mail.Ru
Recent changes RSS feed Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Donate