Re: Trigger force a logout?

From: Andre van Winssen <dreveewee_at_gmail.com>
Date: Thu, 25 Jun 2009 16:35:30 +0200
Message-ID: <9b46ac490906250735p4d6dbc42od8e0fd6a0399c710_at_mail.gmail.com>



account locking is not feasible when uncer certain conditions (eg source ip address or timeslots of a day) the username would be allowed for login.

you can simply add a line with
raise_application_error(-2000,'sorry not allowed to login') in your logon trigger code .

Andre

2009/6/25 Adam Musch <ahmusch_at_gmail.com>

> One wonders why one doesn't simply lock the account.
>
> ALTER USER bad_user ACCOUNT LOCK;
>
> seems easier than writing a trigger.
>
> Similarly, you may wish to explore auditing and system/application contexts
> so that you could audit who's trying this account.
>
> On Thu, Jun 25, 2009 at 9:25 AM, Andrew Kerber <andrew.kerber_at_gmail.com>wrote:
>
>> yes, it is possible. It would be a system trigger.
>>
>>
>> On Thu, Jun 25, 2009 at 9:15 AM, Dennis Williams <
>> oracledba.williams_at_gmail.com> wrote:
>>
>>> List,
>>>
>>> To plug a security gap, I'm trying to create a trigger on a certain
>>> username. If the trigger condition is met, the trigger would force a logout.
>>> Is that possible?
>>>
>>> Thanks for any suggestions,
>>> Dennis Williams
>>>
>>
>>
>>
>> --
>> Andrew W. Kerber
>>
>> 'If at first you dont succeed, dont take up skydiving.'
>>
>
>
>
> --
> Adam Musch
> ahmusch_at_gmail.com
>

--
http://www.freelists.org/webpage/oracle-l
Received on Thu Jun 25 2009 - 09:35:30 CDT

Original text of this message