Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Authentication w/o password?

Re: Authentication w/o password?

From: Scott Overby <scott.overby_at_sdsdata.com>
Date: 1997/09/17
Message-ID: <01bcc393$9c24d680$af0ba8c0@pc240smo.mbo.sds.intra>#1/1 









Nathan Neulinger <nneul_at_umr.edu> wrote in article
<5vmt5v$9hj$1_at_news.cc.umr.edu>...


> 

> I am potentially going to be migrating a bunch of systems from an 

> Informix server to a Oracle server.

> 

> Currently, authentication for the unix applications (which consist 

> primarily of perl scripts using isqlperl and DBD::Informix), is handled 

> using BSD authentication (verification using .rhosts and

 /etc/hosts.equiv)


> 

> Is there a corresponding functionality in Oracle?

> 

> Basically I need to be able to say:

> 	If a user is from hosts A, B, or C, and claims to be USER1, and 

> the connection is from a secure port, trust that it really is USER1 and 

> log them into the database server as such.

> 

> Alternatives are acceptable to me:

> 	ident based authentication with a list of trusted hosts

> 	authentication using an external process

> 

> Any pointers/ideas? I've heard something about OPS$ but am not sure what 

> it is.




The OPS$<OSUSERNAME> login allows one to access Oracle w/o an Oracle
password.


(e.g. sqlplus / , exp / ,  connect /, ...
In other words, if you can log into the operating system, you can log into
Oracle.



Oracle has to trust the operating system that the OS user id is indeed that
person.


On UNIX systems thats really not a problem, but in a client server
scenario, an


end user can spoof anyone he pleases easily.  Therefore, OPS$ is a no-no
for


CS.


-- 
==========================================================================
Scott Overby                  E-mail  scott.overby_at_sdsdata.com
Sr. Systems Analyst		Phone   (414) 459-7999
INPire Insurance Solutions    FAX     (414) 459-9123
615 Penn Ave.                   
Sheboygan, WI 53082

     _/_/_/  _/_/   _/  _/_/_/        \  |  /
       _/   _/ _/  _/  _/              \ | /
      _/   _/  _/ _/  _/_/_/  _/_/_/_/  _/  _/_/_/  _/_/_
     _/   _/   _/_/      _/  _/    _/  _/  _/  _/  _/  _/
  _/_/_/ _/    _/   _/_/_/  _/_/_/_/  _/  _/      _/_/_/
                          _/
                         _/
===========================================================================


Received on Wed Sep 17 1997 - 00:00:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US