ops$/w2k/"secure" connections question

After much fiddling, I got ops$ (os authenticated) logons to work in my w2k db.  However, I'm confused.  I had to set REMOTE_OS_AUTHENT = TRUE in order for this to work.  See snippet from doco below. 

I'm doing this all locally.  When I set REMOTE_OS_AUTHENT=FALSE it does not work.  My question is, why is a local connection seen as non-secure?  I can connect via sqlplus with the listener down, so I'm not running into the restriction with Net8.

Thanks in advance for any comments you may have. 

<-- from doco
By default, Oracle only allows operating system authenticated logins over secure connections. Therefore, if you want the operating system to authenticate a user, by default that user cannot connect to the database over Net8. This means the user cannot connect using a multi-threaded server, since this connection uses Net8. This default restriction prevents a remote user from impersonating another operating system user over a network connection.

If you are not concerned about remote users impersonating another operating system user over a network connection, and you want to use operating system user authentication with network clients, set the parameter REMOTE_OS_AUTHENT (default is FALSE) to TRUE in the database's initialization parameter file. Setting the initialization parameter REMOTE_OS_AUTHENT to TRUE allows the RDBMS to accept the client operating system username received over a non-secure connection and use it for account access.

-->

Lisa Koivu
Oracle Database Administrator
Fairfield Resorts, Inc.
954-935-4117 Received on Fri Aug 17 2001 - 13:47:26 CDT