Re: Client Logins with Proxy

BManry_at_us.oracle.com (Bill Manry) wrote:

>Before doing that, you might want to think about whether you want your
>PC users to be able to connect to your server with a userid that is
>not actually authenticated. A PC user can specify anything they want
>in ORACLE.INI and as long as it's a valid Oracle userid with the
>IDENTIFIED EXTERNALLY attribute they will be able to connect as that
>user. This might not be an issue if you trust your users and their
>PCs are physically secured (with keylock, for example).

Picture this: You have two real machines, Unix, VMS or NT. You are running oracle on them and you trust the root user/system user on these machines. Therefore it is OK to run whith remote authentication. Now add a few PCs and now you have to trust evry single user, the database is wide open. In most companies the users have to autenticate to a network server, for example a Novell server or NT server or a Unix machine. The PC users don't get file service unless they have connected to the network. It would be easy for Oracle to add the same level of security to their database. But Oracle doesn't care. I've complained about this before and I'm sure hundreds of others have also complained.

I have got clients now that have one username when working on the Unix server, OPS$ username. And an other when connecting from forms4.5. And then we get support calls about something not working for User, which works for OPS$User.

This is annoying, to say the least..
regards.
Kjartan R Gudmundsson
kjartang_at_ejs.is Received on Wed Mar 13 1996 - 00:00:00 CET