Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: Oracle in Visual Basic

Re: Oracle in Visual Basic

From: <claudio.torres_at_gmail.com>
Date: 12 Oct 2006 09:27:06 -0700
Message-ID: <1160670426.037721.148500@h48g2000cwc.googlegroups.com>


Thanks JonWat.

> Can they get it from your DLL? Quite possibly. If your DLL stores, for
> example, an array which has the Application name and the
> username/password with which to log on, then someone with a text editor
> can find it in your DLL.

The new DLL works this way.

  1. The dll is instantiate in the application.
  2. You setup a property of the DLL with a value corresponding to the application that is requesting a connection.
  3. The dll takes the application value and executes a query to get the server, username and password (encrypted) from a schema in a database. The username and password for this database is only known by a few. And if you connect to this user and navigate the records, you will only see encrypted data, which can only be de-encrypted by a function in the dll.
  4. The dll de-encrypt the data and setup a connection object
  5. The "connected" connection object is returned to the application.
  6. The application can query the database which is connected to.

Before this, everybody (developers, managers, even users) knew the usernames and passwords for the production machines. Any one could connect and delete or do any thing. No security at all.

With the dll we are trying to give a little security. It's the first step.

Thanks in advance Received on Thu Oct 12 2006 - 11:27:06 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US