| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.misc -> Re: user id from 3-tier environment (sys_context???)
There are a couple of ways to do it, but they entail modifying the
application.
One way would be to have the application connect as the client directly. That method would require the DBA to specify which clients the app could connect as (ALTER USER joeblow GRANT CONNECT THROUGH appuser1). This method is the strongest (IMO) as it means that the app cannot bypass it.
The other method would be to have the application place the ID of the client into its application context and then have a PL/SQL routine store the ID somewhere. You can then connect to the database directly and select from that table to see who actually is running.
Rick
"Steve Perry" <sperry_at_sprynet.com> writes:
> Is there a way to find out who the original user is in a 3-tier environment?
> This could be for any or all Oracle versions.
> I thought the sys_context function in 9i would allow me to, but it looks
> like it will allow me to see who I am, but not see who is logged in from
> another session.
>
> For example:
> If I connect to a middleware app server that connects the database and runs
> sql commands, I'd like to see that "joeblow" is the one running a query as
> oracle user appuser1 instead of appuser1.
>
> thanks.
> Steve
>
>
>
>
--
Rick Wessman
Security Assurance Group
Oracle Corporation
Rick.Wessman_at_oracle.com
The opinions expressed above are mine and do not necessarily reflect
those of Oracle Corporation.
Received on Thu Oct 04 2001 - 07:27:12 CDT
 |
 |