Re: Using dbms_obfuscation_toolkit without logging in

From: damorgan <dan.morgan_at_ci.seattle.wa.us>
Date: Thu, 14 Feb 2002 17:49:46 GMT
Message-ID: <3C6BF8BC.6D842C5B_at_ci.seattle.wa.us>

[Quoted] One solution is to create a schema that has only two privileges ... one is CREATE SESSION and the other is EXECUTE on DBMS_OBFUSCATION_TOOLKIT.

Authenticate the user and then log them on again to the application schema.

Daniel Morgan

Rajesh Jayaprakash wrote:

> I have run into a chicken-or-egg situation:
>
> I would like to store the Oracle user/password for a Forms 6i
> (client/server) application in an INI file to prevent hardcoding this
> in the ON-LOGON trigger (the application users will log in to the
> application using user IDs created within the application). The
> password in the INI file will be encrypted/decrypted using the
> DBMS_OBFUSCATION_TOOLKIT package.
>
> My problem is that to decrypt the password read from the INI file, I
> need to be already logged in to Oracle (to use the package).
>
> Is there any way to use this package without logging in to Oracle? Can
> I duplicate the same functionality in a client PLL? Or should I look
> for some other encryption mechanism?
>
> Thanks and regards,
>
> Rajesh Jayaprakash
> rajesh.j_at_vsnl.net
Received on Thu Feb 14 2002 - 18:49:46 CET

This message: [ Message body ]
Next message: Patricia Nunes: "Oracle Lite 9i for WinCE"
Previous message: damorgan: "Re: Cursor Record Positioning"
In reply to Rajesh Jayaprakash: "Using dbms_obfuscation_toolkit without logging in"
Next in thread: Rajesh Jayaprakash: "Re: Using dbms_obfuscation_toolkit without logging in"
Reply: Rajesh Jayaprakash: "Re: Using dbms_obfuscation_toolkit without logging in"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message