Some departments need to extract rows from the production daily for busines analyze, so we decide to open the standby in read only mode for data extracting with database link. The database link can protect the database user password information well. But now they change the data analyze platform, database link does not work anymore, they need to extract the rows into flat files for further processing with greenpalm.
SQLULDR2 is a good tool for extracting rows to flat files for Oracle database. But the security team ask DBAs to well protect the database user password, which required DBAs can only give them encrypted password string. So I add the connection inforamtion encryption feature to SQLULDR2.
By default, SQLULDR2 does not think that the connection information is encrypted, we just put the connection information into the parameter file.
user=scott/tiger@//localhost:1521/db10g
query=select * from emp
But now we need to protect the connection information by encrypt them in SQLULDR2 with the crypt command line option.
D:\>sqluldr2 user=scott/tiger@//localhost:1521/db10g crypt=create
4899919fa603950b53e639d80245beae8b5d8bb7437bf79e92a473d60377e269
499ee76090faa97f7f043eeae19ffa5445ac5e9d89921dce7f043eeae19ffa54
Then we put the encrypted connection information into the parameter file, and set the crypt option to "ON".
crypt=on
user=concat the two encrypted lines here
query=select * from emp
Then we just call SQLULDR2 with this parameter file.
SQLULDR2 parfile=testpar.txt
You will see that the rows are correctly extracted without providing the real database user name and password, and even the database host information, which maximumly improve the security.
Comments (1)
If you use encrypt feature, the connect information must be less than 64 bytes.
Posted by anysql | June 12, 2009 2:30 PM