I will be interested to know as well since clear text connection string will
bring disastrous effect if the file is being sniffed!
"Karsten Farrell" <kfarrell_at_belgariad.com> wrote in message
news:lBvA9.22$Oa1.3799305_at_newssvr21.news.prodigy.com...
> Max7 wrote:
> > Hi everyone,
> >
> > I have an application (not customised) that accesses data from Oracle 8i
> > database. Some background, database resides on Sun Unix and application
> > resides on Windows 2000. Users authenticates through win2k.
> >
> > To connect from app to database, I have created a connection string that
> > calls the database schema. However that connection string is in clear
text,
> > and it contains schema ID and password.
> >
> > I wish to secure this connection. May I know how do that? To encrypt
this
> > file or use Net8 or any suggestions?
> >
> >
> >>Max
> >
> A couple of points.
>
> You must use Net8 (if you're on Oracle8i) - it's not an option - if you
> want to connect to your database.
>
> Does your application have a UI? If so, you'd be much better off asking
> the user to supply a username/password. If there is no UI, then you
> pretty much have to send the connect string in clear text (and hope no
> one puts a sniffer on the line).
>
> If anyone knows otherwise, I'd certainly be interested since our
> WebLogic connection pool sends clear text (well, sorta).
>
Received on Thu Nov 14 2002 - 08:42:11 CST
