It all depends on the TNS_ADMIN environment variable in the environment
where the TNS Listener is started. By default, TNS_ADMIN (when not
set) points at $ORACLE_HOME/network/admin, but you can set it to
whatever you like before you run LSNRCTL to maintain the listener. By
messing around with TNS_ADMIN, you can have as many sets of ".ora"
files as you wish (or as many as you can hang yourself with)...
Tim Gorman
consultant - Evergreen Database Technologies, Inc.
P.O. Box 630791, Highlands Ranch CO 80163-0791
website = http://www.EvDBT.com/
email = Tim@xxxxxxxxx
mobile = +1-303-885-4526
fax = +1-303-484-3608
Yahoo IM = tim_evdbt
japplewhite@xxxxxxxxxxxxx wrote:
9i on HP-UX and 10g on Linux.
Basic question: Can you somehow tie
a particular sqlnet.ora file to a specific listener for a database that
has two Listeners? I've looked in the docs and everywhere else I
can think of and I can't find that you can somehow specify that a
sqlnet.ora
file applies to only a specific Listener, it applies to all Listeners
in
that ORACLE_HOME. The only way that my little brain has come up with
is to create another ORACLE_HOME and have a Listener there with its own
sqlnet.ora.
What we have is a Student
Information
database that is accessed District-wide via our internal WAN / LAN. It
has a Listener on port 1521. We've had this setup for years. We
also allow selected access to that database from the Internet. We
opened up another port (not 1521 or any of the "usual" ones)
in the firewall and we have a second Listener on that port. The sqlnet
on the Client App server in the DMZ requires encryption, etc. via the
parameters
specific to those security settings. We'd like to require the matching
encryption, etc. for any traffic coming to the non-standard Listener,
but
the single sqlnet.ora file on the server would apply to our internal
Listener
as well, killing our internal Users. For now, we only have the
security
settings Accepted, not Required, on the server.
Am I an idiot? I've done the
standard
setup of Listeners lots and lots over the years but am not well-versed
in unusual setups or Advanced Security. Is there a relatively simple
way to do what we want or is the separate ORACLE_HOME the ticket? Any
guidance would be appreciated.
Thanks.
Jack C. Applewhite - Database Administrator
Austin I.S.D. - MIS Department
512.414.9715 (wk) / 512.935.5929 (pager)
--
//www.freelists.org/webpage/oracle-l
|