Re: Sql*Forms and SQL*plus Question!
Date: 1996/01/19
Message-ID: <3100197E.3526_at_compuserve.com>#1/1
Wascley Wabbit wrote:
>
> Does anyone know how to pass a password from SQL*Forms to SQL*Plus
> and have it masked? I use sqlplus name/password _at_process.sql
>
> The only problem with this, is that if someone types "w" from the
> command line (I'm in UNIX) their password shows up. I work with the
> DoD so this is Not good. Up to now, we have saved the Sql*plus
> password in a global variable and passed it from forms when we wanted
> to print Hard Copy reports and the like. Any ideas?
>
Try piping the username/password to sqlplus. You may also want to try using externally defined users accounts; however, externally defined user acounts may not be secure in some client-server configurations.
To pipe the command to sqlplus try the following:
1. Create a file with "<username>/<password>" in it. Use the Unix OS to
enforce security on this file.
2. Pipe the file to your sqlplus call with:
"sqlplus _at_process.sql < unamepword.file"
This is one way to prevent passwords from showing up on the Unix process list.
-- =============================================================== Richard Bennett E-Mail: richhb_at_sequent.com 73501.1703_at_compuserve.com Computer People Inc. On contract to Sequent Computer SystemsReceived on Fri Jan 19 1996 - 00:00:00 CET