Validating username password from web page

I'm currently woking on a project to connect an Oracle 7.3.4 DB to an Intranet.

The intranet sever connects in via an ODBC DSN and so has a username and password specified for it. However any one accessing the page should have a normal Oracle log in to the DB and I need to validate this so that the web page can decide what Info to give the user.

Due to the newness of all this (I've never done web based stuff before) we are trying to limit the web page to only issuing SELECT statements.

As such I was going to create a stored function that took in a username/password and returned either the access level they have or false depending on wether that was allowed. This seems sensible to me.

However, although I can get the encryted password from DBA_USERS I don't know how I can encrypt the password given to check against the one in DBA_USERS. I though I might be able to create a new user with the same password given and then check it that way, but oracle seems to use the username in the encryption algorithm and so I'm stuffed there too.

Can anyone help me?

mijones_at_hof.co.uk Received on Sat Oct 30 1999 - 06:33:25 CDT