
Oracle: MY_WALLET_DIRECTORY in TNSNAMES does not work as expected

ASKTOM 2021-06-11

Question

Hi Chris/Connor,

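I'm trying to use the MY_WALLET_DIRECTORY option in the TNSNAMES file to avoid having to specify WALLET_LOCATION in the SQLNET.ORA file. However, it fails with an ORA-01017: invalid username/password; logon denied error. A SQLNET trace (from the client) shows that when the wallet is specified as MY_WALLET_DIRECTORY, it never attempts to access the wallet, but it works fine with the regular approach (WALLET_LOCATION in the SQLNET.ORA file).
Can you help me figure out how to make it work?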

The MOS note The Impact of the Sqlnet Settings on Database Security (sqlnet.ora Security Parameters and Wallet Location) (Doc ID 1240824.1) seems to mention that using MY_WALLET_DIRECTORY is supported (excerpt below):

#8. Client settings.

OCI Clients are using the same sqlnet.ora and wallet settings as the database server.
However, a very good hint to use, when multiple wallets should be used by the same client and using multiple TNS_ADMIN environment variables can become a real pain (one example would be when using ODP.NET applications requiring multiple SSL certificates to logon to multiple services, especially on application servers), then this could be easily solved using a tnsnames.ora syntax similar to the one below:

 = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCPS)(HOST = )(PORT = )) (CONNECT_DATA = (SERVICE_NAME = ) ) (SECURITY = (MY_WALLET_DIRECTORY = )))"


Here is what I tried.
First, to prove that the wallet is set up correctly, with WALLET_LOCATION specified in SQLNET.ORA:

C:\Users\JoeBlog\TNSHome\ScottWallet>copy ..\sqlnet.ora .
        1 file(s) copied.

C:\Users\JoeBlog\TNSHome\ScottWallet>set TNS_ADMIN=C:\Users\JoeBlog\TNSHome\ScottWallet

C:\Users\JoeBlog\TNSHome\ScottWallet>tnsping DB_SCOTT

TNS Ping Utility for 64-bit Windows: Version 19.0.0.0.0 - Production on 11-JUN-2021 15:02:41

Copyright (c) 1997, 2019, Oracle.  All rights reserved.

Used parameter files:
C:\Users\JoeBlog\TNSHome\ScottWallet\sqlnet.ora


Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = dbscan.oracle.world)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = dbserv.oracle.world.com)) (SECURITY = (MY_WALLET_DIRECTORY = C:\Users\JoeBlog\TNSHome\ScottWallet)))
OK (70 msec)

C:\Users\JoeBlog\TNSHome\ScottWallet>sqlplus /@DB_SCOTT

SQL*Plus: Release 19.0.0.0.0 - Production on Fri Jun 11 15:02:51 2021
Version 19.3.0.0.0

Copyright (c) 1982, 2019, Oracle.  All rights reserved.

Last Successful login time: Fri Jun 11 2021 10:03:06 +01:00

Connected to:
Oracle Database 19c EE Extreme Perf Release 19.0.0.0.0 - Production
Version 19.10.0.0.0

SQL> show user
USER is "SCOTT"
SQL> exit
Disconnected from Oracle Database 19c EE Extreme Perf Release 19.0.0.0.0 - Production
Version 19.10.0.0.0


Now, when I try to use only MY_WALLET_DIRECTORY in TNSNAMES (with nothing in SQLNET.ORA):

C:\Users\JoeBlog\TNSHome\ScottWallet>cd ..

C:\Users\JoeBlog\TNSHome>set TNS_ADMIN=C:\Users\JoeBlog\TNSHome

C:\Users\JoeBlog\TNSHome>tnsping DB_SCOTT

TNS Ping Utility for 64-bit Windows: Version 19.0.0.0.0 - Production on 11-JUN-2021 15:03:39

Copyright (c) 1997, 2019, Oracle.  All rights reserved.

Used parameter files:
C:\Users\JoeBlog\TNSHome\sqlnet.ora


Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = dbscan.oracle.world)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = dbserv.oracle.world.com)) (SECURITY = (MY_WALLET_DIRECTORY = C:\Users\JoeBlog\TNSHome\ScottWallet)))
OK (90 msec)

C:\Users\JoeBlog\TNSHome>sqlplus /@DB_SCOTT

SQL*Plus: Release 19.0.0.0.0 - Production on Fri Jun 11 15:04:12 2021
Version 19.3.0.0.0

Copyright (c) 1982, 2019, Oracle.  All rights reserved.

ERROR:
ORA-01017: invalid username/password; logon denied


Enter user-name: ^C


Expert answer

I've reproduced your findings on a variety of versions and platforms -- none of them took any notice of MY_WALLET_DIRECTORY.

I've reached out to the security team to see if they have any insight, but for now, I suspect this is a feature that was never implemented.

If I get more information from the security team, I will update this answer.
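
A pre-flight check for the situation described in this thread, as an added example (not code from AskTom or Oracle): it parses a TNS_ADMIN directory's sqlnet.ora and tnsnames.ora and flags aliases whose only wallet reference is MY_WALLET_DIRECTORY, the configuration that produced ORA-01017 for `/@alias` logins above. The function names, status labels and sample file contents are constructed for illustration.

```python
import re
from pathlib import Path
_COMMENT = re.compile(r"(?m)^\s*#.*$")   # whole-line comments in .ora files

def _param(text, name):
    """Value of the first (NAME = value) leaf in Oracle Net syntax, else None."""
    m = re.search(r"\(\s*" + re.escape(name) + r"\s*=\s*([^()]*?)\s*\)", text, re.I)
    return m.group(1) if m else None

def tns_entries(text):
    """Split tnsnames.ora text into {ALIAS: descriptor} by tracking paren depth."""
    entries, depth, start, body = {}, 0, 0, 0
    for i, ch in enumerate(text):
        if ch == "(":
            if depth == 0:
                body = i                      # descriptor starts here
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth == 0:                    # descriptor closed: record the alias
                entries[text[start:body].strip(" \t\r\n=").upper()] = text[body:i + 1]
                start = i + 1
    return entries

def classify(sqlnet_text, tnsnames_text):
    """Map each alias to 'sqlnet-wallet', 'tns-only-wallet' or 'no-wallet'."""
    sqlnet = _COMMENT.sub("", sqlnet_text)
    m = re.search(r"(?im)^\s*WALLET_LOCATION\s*=", sqlnet)
    wallet_dir = _param(sqlnet[m.end():], "DIRECTORY") if m else None
    result = {}
    for alias, desc in tns_entries(_COMMENT.sub("", tnsnames_text)).items():
        if wallet_dir:
            result[alias] = "sqlnet-wallet"       # the run that connected as SCOTT
        elif _param(desc, "MY_WALLET_DIRECTORY"):
            result[alias] = "tns-only-wallet"     # the run that failed with ORA-01017
        else:
            result[alias] = "no-wallet"
    return result

def classify_tns_admin(tns_admin):
    """Run classify() on the files found in a TNS_ADMIN directory."""
    d = Path(tns_admin)
    sqlnet = d / "sqlnet.ora"
    return classify(sqlnet.read_text() if sqlnet.exists() else "", (d / "tnsnames.ora").read_text())

# Constructed sample files modelled on the two runs in the question.
TNSNAMES = r"""DB_SCOTT = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = dbscan.oracle.world)(PORT = 1521))
  (CONNECT_DATA = (SERVICE_NAME = dbserv.oracle.world.com)) (SECURITY = (MY_WALLET_DIRECTORY = C:\Users\JoeBlog\TNSHome\ScottWallet)))"""
SQLNET = r"WALLET_LOCATION = (SOURCE = (METHOD = FILE)(METHOD_DATA = (DIRECTORY = C:\Users\JoeBlog\TNSHome\ScottWallet)))"
```

Any alias reported as `tns-only-wallet` will not find its wallet according to the behaviour reproduced in the answer above; give that client a TNS_ADMIN whose sqlnet.ora carries WALLET_LOCATION, as in the first run of the question.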