Re: proxy authentication and passwords

On Feb 22, 11:23 pm, "Jonathan Lewis" <jonat..._at_jlcomp.demon.co.uk> wrote:
> "foothillbiker" <foothillbi..._at_gmail.com> wrote in message
>
> news:1172195190.580328.175720_at_v33g2000cwv.googlegroups.com...
>
>
>
> > So, again, it would seem that anybody who knows a userid can login,
> > unless we do something OTHER authentication along the way.
>
> > REgards,
> > Chas.
>
> That is correct.
>
> There is a built-in assumption with this approach that the
> end user first has to authenticate himself/herself to the
> application server. (This may make proxy user seem an
> odd implementation in the days of LDAP and SSO, but
> proxy user has been around for a long time).
>
> --
> Regards
>
> Jonathan Lewishttp://jonathanlewis.wordpress.com
>
> Author: Cost Based Oracle: Fundamentalshttp://www.jlcomp.demon.co.uk/cbo_book/ind_book.html
>
> The Co-operative Oracle Users' FAQhttp://www.jlcomp.demon.co.uk/faq/ind_faq.html

Jonathan,

thank you.

so -- what to do?

environment:
- oracle 10.2.0.2 (or later)
- app written w/ java (high probability of a product called "hibernate" in use)
- desire for connection pooling (though typically < 10 users ever logged on)

requirement:
- data visbile to user is based on user, where "user" is the oracle username
- data visbility enforced w/ vdb (or fgac or whatever you care to name it)
- predicate/context on the vdb is the oracle username - users need to provide some sort of credentials (password) to prove who they are
- desire for connection pooling as mentioned above

I'm thinking there are plenty of people who have solved this issue before me ;-)

Many thanks.

REgards,
Chas. Received on Fri Feb 23 2007 - 02:36:45 CST