RE: Prevent connections for some users through SQL*Plus, TOAD

From: John Hallas <john.hallas_at_bjss.co.uk>
Date: Mon, 2 Jun 2008 14:14:04 +0100
Message-ID: <E02CB9B2777CF8459C86C49B48C48EC60419C38B@exchange.bjss.co.uk>

If you search the archives for logon trigger and TOAD you will see quite a few examples of useful code.

The biggest problem is that there is nothing stop a user renaming toad.exe to fred.exe which bypasses the trigger.

I have sent a e-mail with a post that is in my archives which provides some good.

John

www.jhdba.wordpress.com

From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Ricardo Santos Sent: 02 June 2008 12:48
To: ORACLE-L
Subject: Prevent connections for some users through SQL*Plus, TOAD

Hello to you all,

I've an old fashion application that uses an Oracle Database where each application user, is also a database user. That way, each user can connect to the database through other tools beside the application, like TOAD, SQL*Plus, etc.

For security reasons I would like to prevent these users to connect to the database using any other program than the application itself(No SQL*Plus, no Toad, etc ...). I thought in using a "trigger after logon" with a kill session statement, but it's true ** a session can't kill itself (ORA-00027)

At the moment I'm not figuring out a way to achieve what I want. Can anyone give me a hand ?

Thanks in advance,

Ricardo Bateiras.

BJSS - Platinum Sponsors of the 2008 Agile Business Conference www.agileconference.org The information included in this email and any files transmitted with it may contain information that is confidential and it must not be used by, or its contents or attachments copied or disclosed, to persons other than the intended addressee. If you have received this email in error, please notify BJSS. In the absence of written agreement to the contrary BJSS’ relevant standard terms of contract for any work to be undertaken will apply. Please carry out virus or such other checks as you consider appropriate in respect of this email. BJSS do not accept responsibility for any adverse effect upon your system or data in relation to this email or any files transmitted with it. BJSS Limited, a company registered in England and Wales (Company Number 2777575), VAT Registration Number 613295452, Registered Office Address, First Floor, Coronet House, Queen Street, Leeds, LS1 2TW

--
http://www.freelists.org/webpage/oracle-l

Received on Mon Jun 02 2008 - 08:14:04 CDT

This message: [ Message body ]
Next message: Sanjay Mishra: "Re: orapwd"
Previous message: Nuno Souto: "Re: orapwd"
In reply to: Ricardo Santos: "Prevent connections for some users through SQL*Plus, TOAD"
Next in thread: Tanel Poder: "RE: Prevent connections for some users through SQL*Plus, TOAD"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message