Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Access based on IP Address and Username

Re: Access based on IP Address and Username

From: EscVector <Junk_at_webthere.com>
Date: 10 Nov 2006 22:03:14 -0800
Message-ID: <1163224994.497366.297990@f16g2000cwb.googlegroups.com> 






rspai9_at_gmail.com wrote:


> We are trying to restrict access to the database depending on a

> combination of accessing machine's ip address and oracle username eg.

> user jack should be allowed to access only from the ip address

> 10.0.11.72 and not from any other ip address? Is this possible?

>

> Thanks in Advance for the Help.

>

> Regards,

> Raj




A login trigger works well, but is not very secure.  The standard way
to keep people out using this method is to raise an exception that
kicks them out.  This not really secure because the user actually
connects into the database and then gets kicked out.  This is an easy
avenue for a denial-of-service attack.  Also, if the user has
IMP_FULL_DATABASE or ADMIN DATABASE TRIGGER, they will be able to
bypass the exception and still log in.  Have to use an option explicit
call within the exception to "alter system kill session" to be on the
safe side.
Received on Sat Nov 11 2006 - 00:03:14 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US