Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> OAS application security

OAS application security

From: <burkeblackman_at_my-deja.com>
Date: 2000/06/28
Message-ID: <8jdgeh$n87$1@nnrp1.deja.com>#1/1 






Hello, I have an application written in OAS's PL/SQL that requires a
username and password to access portions of the site.  My question is,
is there a good way to prevent someone from guessing a username and
simply putting in a URL that would take them into the more secure
portion of the site.  For example, someone puts in:
http://www.fakesite/plsql/access_account?username='testuser'
and then they are able to access that users (testuser) information
instead of having to go through the login screen.  Any help would be
appreciated.



Thanks,


Burke




Sent via Deja.com http://www.deja.com/


Before you buy.
Received on Wed Jun 28 2000 - 00:00:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US