Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: Oracle Label Security

Re: Oracle Label Security

From: Karsten Farrell <kfarrell_at_belgariad.com>
Date: Thu, 16 Jan 2003 00:04:18 GMT
Message-ID: <6GmV9.1332$PA1.66236694@newssvr15.news.prodigy.com> 





karthik wrote:


> Hi All,

> 

> According to my understanding oracle label security is pplicable for

> only database user.But our requirement states that we have to

> implement for application user .

> 

> 1.Whether it is possible?

> 

> If possible then

> 

> 1.How to assign the policy against the application user.

> 2.How to pass the application user name to database.

> 3.How to assign the oracle defined label against the application user.

> 4.Suppose if we use oracle policy manager for creating the policy and

> defining the label.Whether policy and labels defined by the policy

> manager can be access to application user.

> 

> Please help me in above problem

> 

> Rgrds

> karthi



Don't know if this is what you're looking for, but check out:



http://technet.oracle.com/deploy/security/pdf/oow99/dbswp86.pdf



On p5, you'll see a section titled: Authentication Through a Middle Tier.



<quote>


In applications which use a heavy middle tier, such as a transaction 
processing monitor, it is important to be able to preserve the identity 
of the client connecting to the middle tier.
</quote>



This technique passes the client userid thru the middle tier, even if 
the middle tier uses connection pooling.
Received on Wed Jan 15 2003 - 18:04:18 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US