An Oracle Profile can be managed from the Oracle Profile window, found in Solution Manager / Security / Oracle Users folder.
Oracle profiles can be assigned to Oracle users for:
See Oracle manuals for more detailed information about profiles.
Any user who is not explicitly assigned a profile is subject to the limits defined in the DEFAULT profile. Also, if the profile that is explicitly assigned to a user omits limits for some resources or specifies DEFAULT for some limits, the user is subject to the limits on those resources defined by the DEFAULT profile. The DEFAULT profile always exists and it can’t be removed.
When setting the values for profiles two special values are used.
Password preferences is used to set password policies for a group of users belonging to a specific profile. Note this only applies to IFS Applications if Database Authentication is used.
| Setting | Description |
|---|---|
| Failed_Login_Attempts | Specify the number of failed attempts to log in to the user account before the account is locked. |
| Password_Life_Time | Specify the number of days the same password can be used for authentication. The password expires if it is not changed within this period, and further connections are rejected. Note: the PASSWORD_LIFE_TIME limit is measured from the last time the user's password was changed, or if never changed, from the account creation date. It is not measured from the current time. |
| Password_Reuse_Time | Specify the number of days before which a password cannot be reused. If you set PASSWORD_REUSE_TIME to an integer value, then you must set PASSWORD_REUSE_MAX to UNLIMITED. |
| Password_Reuse_Max | Specify the number of password changes required before the current password can be reused. If you set PASSWORD_REUSE_MAX to an integer value, then you must set PASSWORD_REUSE_TIME to UNLIMITED. |
| Password_Lock_Time | Specify the number of days an account will be locked after the specified number of consecutive failed login attempts. |
| Password_Grace_Time | Specify the number of days after the grace period begins during which a warning is issued and login is allowed. If the password is not changed during the grace period, the password expires. |
| Password_Verify_Function | The PASSWORD_VERIFY_FUNCTION clause allows a
PL/SQL password complexity verification script to be passed as an argument
to the CREATE PROFILE statement. Oracle provides a default script, but you
can create your own routine or use third-party software instead.
|
Resource limits is used to limit how much system resources a user (assigned to this profile) is allowed to consume. Note that these settings only have effect on normal users when connecting directly to the database from an external client. Database connections from IFS Application Server connect as IFS System User.
|
Setting |
Description |
|---|---|
|
Sessions_Per_User |
Specify the number of concurrent sessions to which you want to limit the user. |
|
Cpu_Per_Session |
Specify the CPU time limit for a session, expressed in hundredth of seconds. |
|
Cpu_Per_Call |
Specify the CPU time limit for a call (a parse, execute, or fetch), expressed in hundredths of seconds. |
|
Connect_Time |
Specify the total elapsed time limit for a session, expressed in minutes. |
|
Idle_Time |
Specify the permitted periods of continuous inactive
time during a session, expressed in minutes. Long-running queries and other
operations are not subject to this limit. Should always be set to 'UNLIMITED'! |
|
Logical_Reads_Per_ Session |
Specify the permitted number of data blocks read in a session, including blocks read from memory and disk. |
|
Logical_Reads_Per_Call |
Specify the permitted the number of data blocks read for a call to process a SQL statement (a parse, execute, or fetch). |
|
Private_Sga |
Specify the amount of private space a session can
allocate in the shared pool of the system global area (SGA), expressed in
bytes. Use K or M to specify this limit in kilobytes or megabytes.
Note! This limit applies only if you are using multi-threaded server architecture. The private space for a session in the SGA includes private SQL and PL/SQL areas, but not shared SQL and PL/SQL areas. |
|
Composite_Limit |
Specify the total resources cost for a session, expressed in service units. Oracle calculates the total service units as a weighted sum of CPU_PER_SESSION, CONNECT_TIME, LOGICAL_READS_PER_SESSION, and PRIVATE_SGA. |
Missplaced?
Init.ora parameter RESOURCE_LIMIT must be set to TRUE for activating resource limits. This parameter does not apply to password preferences. Password preferences are always enabled.