Re: capture oracle pwd change in 3rd party application. help needed

Daniel Morgan <damorgan_at_x.washington.edu> wrote in message news:<1068147990.413220_at_yasure>...
  

Lasher wrote:

    

Hi,

I have clients using an application that allows users to change their
passwords. The application uses the 'ALTER USER xxx IDENTIFIED
BY.....' command. What I need to do is use Oracle to capture the
username and password and send the info to another Oracle instance on
a different server and update that users password.

Basically I need to keep the user's password in sync between two
different databases.

I also cannot change the application in anyway and therefore need to
do this from the Oracle side.

Any ideas would be great.........
 

      

Go to $ORACLE_HOME/rdmbs/admin
Look at the file utlpwdmg.sql

If you have any business doing this you will be able to fill in the rest 
of the picture.

Personally I agree with Pete. This is nonsense and worse than nonsense a 
huge violation
of any reasonable definition of system security. The OEM should fix the 
problem. And
my advise to you would be not to do this. That it can be done doesn't 
mean that it should
be done. The entire idea stinks.
    

I'm not sure what is so wrong about this, at least using Pete's
suggestion of Identified by Values in a non-public environment?  It
seems as reasonable as, say, copying /etc/passwd (or shadow
equivalents) and user files to synchronize users on two identical
servers.

jg
--
_at_home.com is bogus.
http://www.signonsandiego.com/news/metro/20031106-9999_2m6wage.html
  

-- 
Daniel Morgan
http://www.outreach.washington.edu/ext/certificates/oad/oad_crs.asp
http://www.outreach.washington.edu/ext/certificates/aoa/aoa_crs.asp
damorgan_at_x.washington.edu
(replace 'x' with a 'u' to reply)