Re: Restricting access to Oracle database to only Oracle Forms
Date: 8 Mar 1995 16:21:19 GMT
Message-ID: <3jklhv$1s4_at_fozzy.aud.alcatel.com>
Kenneth.D.Atkins_at_tek.com (Kenneth D Atkins) wrote:
> >>You could setup a database role with a password, give it the appropriate
> >>access to your application and hard code the password into your
> >>application's startup form. There is a discussion and example of this in
> >>appendix J of the Oracle*Forms reference manual.
> >>
> >And how do you provide password aging and force change of passwords every
> >N days as required by many security policies and procedures, both corporate and
> >governmental?
> >Embedding passwords in clients (whether shown in some "Appendix J" or not) is not
We had a similar problem of removing the need for the user to
explicity log on to the database. We needed to have separate logon
for ad-hoc queries as opposed to update thru SQL forms. This was
acheived by layering a security layer on top of the launch
SQLforms. A VB program communicating with a centralized
server validates the "network user" ID and then activates a server
to translate the "network user" ID into the Oracle ID/PASSWORD
for the application. This eliminates the need for embedding the
id/password in the application. Also generic ID's can be
established just for query. If you let people use their
Oracle ID/password to query with then you run the risk of letting
them change their Roles and updating data via ODBC/MSQuery or
Glue from Excel !!
Terry C Kauder
Alcatel Network Systems
kauder_at_audv01.aud.alcatel.com
Received on Wed Mar 08 1995 - 17:21:19 CET