Tuesday, September 23, 2008


Storing Passwords In The Database 10G


DBMS_CRYPTO

The DBMS_CRYPTO package is a replacement for the DBMS_OBFUSCATION_TOOLKIT package available in Oracle 8i and 9i. The new package is easier to use and contains more cryptographic algorithms:

Source

{ORACLE_HOME}/rdbms/admin/dbmsobtk.sql

Cryptographic algorithms - DES, 3DES, AES, RC4, 3DES_2KEY

Padding forms - PKCS5, zeroes


Block cipher chaining modes - CBC, CFB, ECB, OFB

Cryptographic hash algorithms - MD5, SHA-1, MD4

Keyed hash (MAC) algorithms - HMAC_MD5, HMAC_SH1

Cryptographic pseudo-random number generator - RAW, NUMBER, BINARY_INTEGER

Database types - RAW, CLOB, BLOB

A simple example of its usage is:


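SET SERVEROUTPUT ON
DECLARE
  l_credit_card_no VARCHAR2(19) := '1234 5678 9012 3456';
  l_ccn_raw        RAW(128) := UTL_RAW.cast_to_raw(l_credit_card_no);
  l_key            RAW(128) := UTL_RAW.cast_to_raw('abcdefgh');  -- 8-byte DES key

  l_encrypted_raw  RAW(2048);
  l_decrypted_raw  RAW(2048);
BEGIN
  DBMS_OUTPUT.put_line('Original : ' || l_credit_card_no);

  -- Encrypt with DES in CBC mode and PKCS5 padding
  l_encrypted_raw := DBMS_CRYPTO.encrypt(src => l_ccn_raw,
                                         typ => DBMS_CRYPTO.des_cbc_pkcs5,
                                         key => l_key);
  DBMS_OUTPUT.put_line('Encrypted : ' || RAWTOHEX(UTL_RAW.cast_to_raw(l_encrypted_raw)));

  -- Decrypt with the same algorithm, mode, padding and key
  l_decrypted_raw := DBMS_CRYPTO.decrypt(src => l_encrypted_raw,
                                         typ => DBMS_CRYPTO.des_cbc_pkcs5,
                                         key => l_key);
  DBMS_OUTPUT.put_line('Decrypted : ' || UTL_RAW.cast_to_varchar2(l_decrypted_raw));
END;
/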
Original : 1234 5678 9012 3456
Encrypted : 3041423134363932354234374545463631304337384433354443433736323331354244454237324635314545
Decrypted : 1234 5678 9012 3456

PL/SQL procedure successfully completed.


Storing Passwords In The Database 8i to 9iR2

When security is managed within applications there is often a need to store passwords in database tables. This in itself can lead to security issues since people with appropriate privileges can read the contents of the security tables. A common approach to solving this is to encrypt the password before storing it. The problem with encryption is that it implies a possible decryption mechanism that could expose a hole in your security. A safer alternative is to store a hash of the username and password. In this article I'll present a simple example of this process using the DBMS_OBFUSCATION_TOOLKIT package that is available in Oracle8i and Oracle9i:

Security Table

First we must build a table to hold the security information:

CREATE TABLE app_users (
  id        NUMBER(10)    NOT NULL,
  username  VARCHAR2(30)  NOT NULL,
  password  VARCHAR2(16)  NOT NULL
)
/

ALTER TABLE app_users ADD (
CONSTRAINT app_users_uk UNIQUE (username)
)
/

CREATE SEQUENCE app_users_seq
/


Security Package
Next we create the package that contains the specification of the security code:


CREATE OR REPLACE PACKAGE app_user_security AS

  FUNCTION get_hash (p_username  IN  VARCHAR2,
                     p_password  IN  VARCHAR2)
    RETURN VARCHAR2;

  PROCEDURE add_user (p_username  IN  VARCHAR2,
                      p_password  IN  VARCHAR2);

  PROCEDURE change_password (p_username      IN  VARCHAR2,
                             p_old_password  IN  VARCHAR2,
                             p_new_password  IN  VARCHAR2);

  PROCEDURE valid_user (p_username  IN  VARCHAR2,
                        p_password  IN  VARCHAR2);

  FUNCTION valid_user (p_username  IN  VARCHAR2,
                       p_password  IN  VARCHAR2)
    RETURN BOOLEAN;

END;
/

We then create the package body to define the actual operations:


CREATE OR REPLACE PACKAGE BODY app_user_security AS

  FUNCTION get_hash (p_username  IN  VARCHAR2,
                     p_password  IN  VARCHAR2)
    RETURN VARCHAR2 AS
  BEGIN
    -- Hash the username and password together, as the text describes.
    -- The '/' separator is an assumption; the page's expression is cut off here.
    RETURN DBMS_OBFUSCATION_TOOLKIT.MD5(
      input_string => UPPER(p_username) || '/' || p_password);
  END;

  PROCEDURE add_user (p_username  IN  VARCHAR2,
                      p_password  IN  VARCHAR2) AS
  BEGIN
    INSERT INTO app_users (
      id,
      username,
      password
    )
    VALUES (
      app_users_seq.NEXTVAL,
      UPPER(p_username),
      get_hash(p_username, p_password)
    );

    COMMIT;
  END;

  PROCEDURE change_password (p_username      IN  VARCHAR2,
                             p_old_password  IN  VARCHAR2,
                             p_new_password  IN  VARCHAR2) AS
    v_rowid  ROWID;
  BEGIN
    -- Lock the row only if the old password matches
    SELECT rowid
    INTO   v_rowid
    FROM   app_users
    WHERE  username = UPPER(p_username)
    AND    password = get_hash(p_username, p_old_password)
    FOR UPDATE;

    UPDATE app_users
    SET    password = get_hash(p_username, p_new_password)
    WHERE  rowid    = v_rowid;

    COMMIT;
  EXCEPTION
    WHEN NO_DATA_FOUND THEN
      RAISE_APPLICATION_ERROR(-20000, 'Invalid username/password.');
  END;

  PROCEDURE valid_user (p_username  IN  VARCHAR2,
                        p_password  IN  VARCHAR2) AS
    v_dummy  VARCHAR2(1);
  BEGIN
    SELECT '1'
    INTO   v_dummy
    FROM   app_users
    WHERE  username = UPPER(p_username)
    AND    password = get_hash(p_username, p_password);
  EXCEPTION
    WHEN NO_DATA_FOUND THEN
      RAISE_APPLICATION_ERROR(-20000, 'Invalid username/password.');
  END;

  FUNCTION valid_user (p_username  IN  VARCHAR2,
                       p_password  IN  VARCHAR2)
    RETURN BOOLEAN AS
  BEGIN
    valid_user(p_username, p_password);
    RETURN TRUE;
  EXCEPTION
    WHEN OTHERS THEN
      RETURN FALSE;
  END;

END;
/

The overloads of VALID_USER allow the security check to be performed in a different manner.

The GET_HASH function is used to hash the combination of the username and password. It always returns a VARCHAR2(16) regardless of the length of the input parameters. This level of compression means that the hash value may not be unique, hence the unique constraint on the USERNAME column.
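
The GET_HASH approach above, redone with the DBMS_CRYPTO package from the first article on this page: a random per-user salt from the pseudo-random generator, repeated SHA-1 hashing, and RAW columns so the digest is never passed through character-set conversion. This is an added example, not code from the original article; the table app_users_10g, its columns, the routine names and the iteration count are assumptions.

```sql
-- Added example, not from the original article. Needs EXECUTE on DBMS_CRYPTO (10g+).
-- app_users_10g, its columns and all routine names below are hypothetical.
CREATE TABLE app_users_10g (
  username VARCHAR2(30) NOT NULL,
  salt     RAW(16)      NOT NULL,  -- random per user: equal passwords give different hashes
  pw_hash  RAW(20)      NOT NULL,  -- SHA-1 digest kept as RAW, not VARCHAR2
  CONSTRAINT app_users_10g_uk UNIQUE (username)
)
/
CREATE OR REPLACE FUNCTION get_salted_hash (
  p_password IN VARCHAR2,
  p_salt     IN RAW,
  p_rounds   IN PLS_INTEGER DEFAULT 10000)  -- assumed iteration count
  RETURN RAW AS
  l_hash RAW(20);
BEGIN
  -- The password is hashed case-sensitively, as fixed AL32UTF8 bytes.
  l_hash := DBMS_CRYPTO.hash(
              UTL_RAW.concat(p_salt, UTL_I18N.string_to_raw(p_password, 'AL32UTF8')),
              DBMS_CRYPTO.hash_sh1);
  -- Repeated hashing raises the cost of every offline guess.
  FOR i IN 2 .. p_rounds LOOP
    l_hash := DBMS_CRYPTO.hash(UTL_RAW.concat(p_salt, l_hash), DBMS_CRYPTO.hash_sh1);
  END LOOP;
  RETURN l_hash;
END;
/
CREATE OR REPLACE PROCEDURE add_user_10g (
  p_username IN VARCHAR2,
  p_password IN VARCHAR2) AS
  l_salt RAW(16) := DBMS_CRYPTO.randombytes(16);
  l_hash RAW(20) := get_salted_hash(p_password, l_salt);
BEGIN
  INSERT INTO app_users_10g (username, salt, pw_hash)
  VALUES (UPPER(p_username), l_salt, l_hash);
END;
/
CREATE OR REPLACE FUNCTION valid_user_10g (
  p_username IN VARCHAR2,
  p_password IN VARCHAR2) RETURN BOOLEAN AS
  l_salt RAW(16);
  l_hash RAW(20);
BEGIN
  -- Fetch this user's salt, recompute the hash and compare the RAW values.
  SELECT salt, pw_hash INTO l_salt, l_hash
  FROM   app_users_10g
  WHERE  username = UPPER(p_username);
  RETURN l_hash = get_salted_hash(p_password, l_salt);
EXCEPTION
  WHEN NO_DATA_FOUND THEN
    RETURN FALSE;
END;
/
```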

The DBMS_OBFUSCATION_TOOLKIT.MD5 function, but the hashing algorithm of the former is not guaranteed to stay constant between database versions.

Testing

First we create a new user:

SQL> exec app_user_security.add_user('fernandov','mypass');
PL/SQL procedure successfully completed.

SQL> select * from app_users;

ID         USERNAME                       PASSWORD
---------- ------------------------------ ----------------
1          fernandov                      f>~âÝ♀?£åeÍ?+▄}

Next we check the VALID_USER procedure:

SQL> EXEC app_user_security.valid_user('fernandov','mypass');
PL/SQL procedure successfully completed.

SQL> EXEC app_user_security.valid_user('fernandov','abcd');
*
ERROR at line 1:
ORA-20000: Invalid username/password.
ORA-06512: at "FVALENZUELA.APP_USER_SECURITY", line 37
ORA-06512: at line 1

Next we check the VALID_USER function:

SQL> SET SERVEROUTPUT ON
SQL> BEGIN
 2    IF app_user_security.valid_user('fernandov','mypass') THEN 
3 DBMS_OUTPUT.PUT_LINE('TRUE');
4 ELSE
5 DBMS_OUTPUT.PUT_LINE('FALSE');
6 END IF;
7 END;
8 /
TRUE

PL/SQL procedure successfully completed.

SQL> BEGIN
2 IF app_user_security.valid_user('fernandov','abcd') THEN
3 DBMS_OUTPUT.PUT_LINE('TRUE');
4 ELSE
5 DBMS_OUTPUT.PUT_LINE('FALSE');
6 END IF;
7 END;
8 /
FALSE

PL/SQL procedure successfully completed.

SQL>

Finally we check the CHANGE_PASSWORD procedure:


SQL> exec app_user_security.change_password('fernandov','mypass','password2');
PL/SQL procedure successfully completed.

BEGIN app_user_security.change_password('tim','abcd','abcd1'); END;

*
ERROR at line 1:
ORA-20000: Invalid username/password.
ORA-06512: at "W2K1.APP_USER_SECURITY", line 47
ORA-06512: at line 1


P.S.: original article: http://www.oracle-base.com/articles/9i/StoringPasswordsInTheDatabase9i.php
  




Monday, September 22, 2008


The Power of ASH (Active Session History)

Oracle 10g brings many new features that make it easier to tune bad SQL statements and to diagnose database performance issues, using database metrics, Active Session History and the time model views.

The following query fetches the top SQL statements by time spent on CPU, waits and I/O (thanks to Kyle Hailey for this script):


select
    ash.SQL_ID,
    sum(decode(ash.session_state,'ON CPU',1,0)) "CPU",
    sum(decode(ash.session_state,'WAITING',1,0)) -
    sum(decode(ash.session_state,'WAITING', decode(en.wait_class, 'User I/O',1,0),0)) "WAIT",
    sum(decode(ash.session_state,'WAITING', decode(en.wait_class, 'User I/O',1,0),0)) "IO",
    sum(decode(ash.session_state,'ON CPU',1,1)) "TOTAL"
from v$active_session_history ash, v$event_name en
where SQL_ID is not NULL
  and en.event# = ash.event#
group by ash.SQL_ID;
  
SQL_ID CPU WAIT IO TOTAL
------------- ---------- ---------- ---------- ----------
bqts5m5y267ct 0 0 20 20
4gd6b1r53yt88 0 16 1 17
35rqnp0hn3p3j 0 13 0 13
3shtm7x3a54qu 0 0 8 8
0hf43mhpx086p 0 0 4 4

Use any of the v$sql views to get the sql_text for one of the above sql_id values.


SELECT sql_text FROM v$sqlarea WHERE sql_id = 'bqts5m5y267ct';


dbms_xplan.display_awr can be used to extract the sql plan for this sql_id.


SELECT * FROM table(dbms_xplan.display_awr('bqts5m5y267ct'));


The above scenario was run on Oracle 10g Release 2 on Sun Solaris.

P.S.: original article: http://jaffardba.blogspot.com/2006/11/power-of-ash-active-session-history.html
  


Oracle enable row movement



The "enable row movement" feature of Oracle is somewhat confusing to beginners, and these notes describe some of the times when "enable row movement" is used. For complete details, see my book "Oracle Tuning: The Definitive Reference".




Oracle has several commands to reclaim unused disk space for objects (tables and indexes). Using the "alter table xxx shrink space compact" command also has the benefit of making full-table scans run faster, as fewer block accesses are required. With standard Oracle tables, you can reclaim space with the "alter table shrink space" command:

SQL> alter table mytable enable row movement;
Table altered

SQL> alter table mytable shrink space;
Table altered

Finding tables and indexes for shrinking




The Oracle 10g segment advisor will recommend tables that will benefit from shrinking and indexes that require rebuilding (to reclaim space).

When you add the clause "enable row movement" to a create table statement, you are giving Oracle permission to change the ROWIDs. This allows Oracle to condense table rows and makes it easier to reorganize tables. The enable row movement clause is used within these features:


    
Alter table xxx shrink space compact - When using Automatic Segment Storage Management (ASSM, a.k.a. bitmap freelists) you can issue the "alter table xxx shrink" command to compress the table rows into fewer data blocks, and Oracle moves down the high water mark to release the space. This makes full-table scans run faster.

Flashback table - Using the flashback table features requires "enable row movement".

Table reorganization - An Oracle10g database can reclaim space within data segments online without affecting the ability of end users to access their data. The only thing that must be ensured before using online segment reorganization capability is that the tablespaces have the Automatic Segment Space Management (ASSM) and row movement features enabled. Oracle10g introduces the ability to reclaim space from a segment by shrinking the segment. Shrinking a segment will make unused space available to other segments in the tablespace and may improve the performance of queries and DML operations.







The segment shrink is an online operation where the table being shrunk is open to queries and DML while the segment is being shrunk. Additionally, segment shrink is performed in-place. This is a key advantage over performing Online Table Redefinition for compaction and reclaiming space.

Finding opportunities for enable row movement

With the introduction of the alter table xxx shrink space compact syntax, the DBA gets a powerful tool for effective and easy database space management. However, the DBA needs to know what data segments experience high space waste in order to reclaim free space to the database and shrink segments.


This page shows scripts that can be run to identify opportunities for using the "alter table shrink compact" command, and you can use the awr_list_seg_block_space.sql script to report percentages of free space for data segments.

Caveat: Using enable row movement can corrupt any Oracle features that rely on ROWID, such as nested tables, so it should be used with caution.

P.S.: original article: http://www.dba-oracle.com/t_enable_row_movement.htm



Learn tips Versions of Software you use


Of Versions and Figuring Them Out


One of the things that you come across quite frequently when you work with Oracle Support is the need to tell them the product versions or the platform versions which run your Oracle Applications.
Since it is possible for Oracle to simulate your environment completely or not at all in most cases, it's vital that you feed them with as accurate information about your environment as possible.

The current post focuses on getting the version information which is commonly asked for during a service request.

I am categorizing this post into three sections


Oracle Applications Components
Oracle Database Components

Operating System and Utilities


Oracle Applications Components



Oracle Applications version

You may never need this but in case you are looking at a new environment then the simplest way to figure out your application version is by navigating to

Version of an Oracle Applications Form (fmx) or report

To find the version of any Oracle Applications files

strings -a ICQTYED.fmx to the jdbc zip file
/u01/applsam/samcomn/java/jdbc14.zip

How to find the Apache version?

Go to the $iAS/Apache/Apache/bin directory and enter the following command:

$ httpd -version

Version of the OA Framework

To find out the version of your Oracle Application Framework

http://[host].[domain]:[portnumber]/OA_HTML/OAInfo.jsp

OA Framework Version Information
OA Framework Version 11.5.10.2CU.
MDS Version 9.0.5.4.81 (build 481)
UIX Version 2.2.18
BC4J Version 9.0.3.13.51

Oracle Application Product Version or Patch Set Level

One of the most common things you will be asked by your support engineer, while or after raising your service request, is the version, commonly known as the patch set level, of your Oracle Applications product. You can query this by logging on to your application database as the apps user.

select patch_level from fnd_product_installations where patch_level like '%AD%';

OJSP Version

Log in to the application server as the applmgr user

cd $OA_HTML

Edit the jtflogin.jsp file to add the following line

OJSP Version:

WorkFlow Version

You can find out the version of your workflow using the following query

SQL> select TEXT Version from WF_RESOURCES
  2  where TYPE = 'WFTKN' and NAME = 'WF_VERSION';

VERSION
--------------------------------------------------------------------------------
2.6.0
Oracle Database Components

Oracle RDBMS Version

You can query the version of your database using the dynamic view V$VERSION

SQL> SELECT * FROM V$VERSION;

BANNER
----------------------------------------------------------------
Oracle9i Enterprise Edition Release 9.2.0.6.0 - Production
PL/SQL Release 9.2.0.6.0 - Production
CORE 9.2.0.6.0 Production
TNS for Solaris: Version 9.2.0.6.0 - Production
NLSRTL Version 9.2.0.6.0 - Production

Version of OPATCH

$ perl $ORACLE_HOME/OPatch/opatch.pl version
/oracle/product/v9.2.0.6_doeb10s/OPatch/opatch.pl version: 1.0.0.0.51

Listener Version

$ lsnrctl version

LSNRCTL for Solaris: Version 9.2.0.6.0 - Production on 06-JUL-2007 09:34:53
Copyright (c) 1991, 2002, Oracle Corporation. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=TCP)(HOST=samsolx)(PORT=1527))
TNSLSNR for Solaris: Version 9.2.0.6.0 - Production
TNS for Solaris: Version 9.2.0.6.0 - Production
Unix Domain Socket IPC NT Protocol Adaptor for Solaris: Version 9.2.0.6.0 - Production
Oracle Bequeath NT Protocol Adapter for Solaris: Version 9.2.0.6.0 - Production
TCP/IP NT Protocol Adapter for Solaris: Version 9.2.0.6.0 - Production,,
The command completed successfully

Operating Systems and Utilities

Sun Solaris Version

To check the version of your Solaris you can use the following file.

$ cat /etc/release
Solaris 8 2/02 Fujitsu_3 s28s_u7fjsv3wos_04 SPARC
Copyright 2002 Sun Microsystems, Inc. All Rights Reserved.
Assembled 08 December 2002

RedHat Linux Version

You can check the version and release of Linux from the following file

view /etc/redhat-release
Red Hat Enterprise Linux AS release 4 (Nahant Update 2)

Perl Version

You can use the perl -v or the perl -version command to find out the version of perl on your environment.

$ perl -version

This is perl, version 5.005_03 built for sun4-solaris
Copyright 1987-1999, Larry Wall

Java Version

To find the version of Java used

$ java -version
java version "1.4.2_04"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_04-b05)
Java HotSpot(TM) Client VM (build 1.4.2_04-b05, mixed mode)

Version of Installed packages on Solaris

To find the version of the packages on Solaris

$ pkginfo -i

You can check the bit size of your OS by using the following command

$ isainfo -b
64

Bit of your Oracle Software

To check if your Oracle binary is 32 bit or 64 bit you can use the file command on any of the Oracle executables like

$ file $ORACLE_HOME/bin/oracle
/oracle/product/v9.2.0.6_doeb10s/bin/oracle: ELF 32-bit MSB executable SPARC Version 1, dynamically linked, not stripped

Monday, September 8, 2008


Because you have opened the new website ... Campaign

WELCOME FRIENDS

Wednesday, September 3, 2008


Starter CD Polop

The CD Polop, has launched a campaign to start soccer for children born between 1995 and 2000, in order to enhance the practice of the sport.

The categories are: Benjamin born in 1999 and 2000; Youngsters born in 1997 and 1998, and Child, for those born in 1995 and 1996.

The main objective of this initiation campaign is the practice of sport and fun for children through sports, because, according to notes from the CD Polop, "sport is not only fun, but also promotes a healthy and happy."

You can register by calling 606 778 761.
Cheer up and participate!