Re: How to trap the user's login program and disallow if Windows based?

have done this once on 7.3.x

1. procedure
   • selects v$session
   • checks against lockup tables (machinename,username,programm etc
   • all sessions killed that dont applied to
2. scheduled the procedure every minute via job

it was not elegant, but did the job.

hth

stefan kapitza

enzoweb_at_hotmail.com (Andy) wrote in message news:<8d4033cd.0206041503.4c37138e_at_posting.google.com>...
> Oracle RDBMS V8.0.6 on Solaris 2.7
>
> I can remember that there is a way to trap the program name a user is
> logging into the database with, and disallow it if it is something
> like TOAD or ACCESS.
>
> Here is the problem:
>
> We have an application which connects into the database with the
> password hard-coded and which everyone knows. This application userid
> is also the schema owner. The developers also use TOAD. We can change
> the application password but it is hard coded in plain text and
> everyone knows how to see it. So the Developers have a habit of
> signing on to TOAD as the application owner and therefore have total
> access to the tables.
>
> I know that I can create a trigger at logon to run some SQL, but
>
> 1. Not sure if it works on the V806 we are running.
> 2. Don't know how to code it.
>
> So, I want it to go -
>
> login - check program name - if user = schema.owner and program !=
> program.name then kill session (and maybe issue a nasty message).
>
> Does anyone have an example of this I can use?
>
> Thanks.
Received on Wed Jun 05 2002 - 05:51:14 CDT