Re: Oracle & UNIX password

First, you can have your cake and eat it to. That is, you can log in with a / from the server, and specify the username/password from the client.

create user ops$fred identified by wilma .... ;

Because this is an 'ops$' account, connections from the server can log in with a /. Client connections would use ops$fred/wilma_at_dbname. Note that this works only if you use OPS$ as OS_AUTHENT_PREFIX. If you use anything else, such as a null, you won't be able to log in from the client.

Second, you can set up your database to allow clients to log in using a slash. However, that is REALLY, REALLY BAD!!!!!!. The whole idea of using OS_AUTHENT_PREFIX is that you trust the operating system to validate the username. You will never be able to trust the OS username assigned to a client, because they can change it on a whim. Sure, it's a little inconvenient to make the user enter their username/password, but it is a lot better than opening up a huge security hole.

Having said that, here is how you would do it. On the database , set REMOTE_OS_AUTHENT to true. On the client, edit oracle.ini and set USERNAME = osuser. Boom, you're in to ops$osuser. Be sure to point out that anyone can set their USERNAME to whatever they feel like.

Bob Swisshelm
swisshelm_at_lilly.com Received on Mon May 20 1996 - 00:00:00 CEST