| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Security
"Jean Cote" <jeancote_at_riq.qc.ca> writes:
>
> I need to put more security ...
>
> If we give a username and a password to someone, that person can use what
> ever product they want to modify the database. Is there a way (or a
> product) that will resctrict the security only to the application that we
> want. I heard that unicenter from CA might do the trick...is there
> something else (simpler maybe).
>
A simple possibility if you can modify the desirable app's source code:
For our custom apps (developed w/ PB,) the app encrypts the password that the user enters before connecting. Effectively, our users have an "application password" which they know and a db password, which they don't.
If all of the apps involved are "friendly" and specify an application name when connecting, then it might be possible to implement some sort of OpenServer pass-through application, to which all of the apps can connect instead of connecting directly to the server. The OpenServer app might then verify which app is attempting to connect and disallow any undesirables.
-- - Mike S. sweetman_at_raleigh.ibm.com IBM PCCo., RTP (AiC)Received on Fri Jan 31 1997 - 00:00:00 CST
 |
 |