i have an oracle database which is accessed by a java application from a remote machine. From the java application iam giving the ip address of the server machine where oracle is running.the server also receives the ip address of the machine from where the call is made.
now my question is, can i restrict from oracle that only, request from a specific ip address should be allowed to access the database and the rest should not. if so how.
Or even more simple, without installing any additional components:
Create a file "protocol.ora" (if it's not allready there) in your Oracle network admin directory on the database server and add the following entry in it:
TCP.INVITED_NODES= (X.Y.Z.W)
where "X.Y.Z.W" is the IP address or host name of your application-running machine. And don't forget to restart the listener after that. That way only that machine nwill be able to connect to your database server using TCP/IP protocol, all the connections from other addresses will be refused by the listener.
Jurij Modic ASCII a stupid question, get a stupid ANSI
24 hours in a day .... 24 beer in a case .... coincidence?
Create a file "protocol.ora" (if it's not allready there) in your Oracle network admin directory on the database server and add the following entry in it:
TCP.INVITED_NODES= (X.Y.Z.W)
where "X.Y.Z.W" is the IP address or host name of your application-running machine. all the connections from other addresses will be refused by the listener.
jmodic :
As per ur post i followed watever u said, but Server is allowing to connect to DB for all IP adress which are not in Protocol.ora
Attached are the docs , please find it for details...
correct me in case i am wrong
Abhay
funky...
"I Dont Want To Follow A Path, I would Rather Go Where There Is No Path And Leave A Trail."
"Ego is the worst thing many have, try to overcome it & you will be the best, if not good, person on this earth"
Move this parameter into sqlnet.ora, restart the listener and see if it works then. Or even better, don't configure this manually, use Oracle Net Manager instead. Click on Local -> Profile, then select General -> Acess Rights nad see if the IP that you had in your protocol.ora is shown there. If it is it means that Net Manager has allread merged this parameter from protocol.ora into sqlnet.ora. If it is not ther, enter it manualy in the "Client alloved to access" list. Then save network configuration and restart the listener.
Last edited by jmodic; 01-17-2003 at 08:30 AM.
Jurij Modic ASCII a stupid question, get a stupid ANSI
24 hours in a day .... 24 beer in a case .... coincidence?
If i make changes in SQL*NET then listener is not able to start...its throwing an error.
Code:
LSNRCTL> start
Starting tnslsnr: please wait...
TNSLSNR for 32-bit Windows: Version 9.0.1.1.1 - Production
System parameter file is C:\Oracle\Ora9i\network\admin\listener.ora
Log messages written to C:\Oracle\Ora9i\network\log\listener.log
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=dpa31w014.digitalindiasw
.net)(PORT=1521)))
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(PIPENAME=\\.\pipe\EXTPROC1ipc
)))
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=dpa31w014)(PORT=1521)))
TNS-12547: TNS:lost contact
TNS-12560: TNS: protocol adapter error
TNS-00517: Lost contact
32-bit Windows Error: 54: Unknown error
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
TNS-01153: Failed to process string:
NL-00313: null pointer or null size
LSNRCTL>
funky...
"I Dont Want To Follow A Path, I would Rather Go Where There Is No Path And Leave A Trail."
"Ego is the worst thing many have, try to overcome it & you will be the best, if not good, person on this earth"
I added the application servers IP, but forgot to add the host IP where the Oracle Server resides...hence it was giveing me problem in starting listener....
When i added the host IP with it ...... yes i was able to start listener on the server wher oracle resides an also yes i was able to restrict the connections from other IPs....
Thanks.
Abhay.
funky...
"I Dont Want To Follow A Path, I would Rather Go Where There Is No Path And Leave A Trail."
"Ego is the worst thing many have, try to overcome it & you will be the best, if not good, person on this earth"