Re: Trigger force a logout?

From: Dennis Williams <oracledba.williams_at_gmail.com>
Date: Thu, 25 Jun 2009 09:43:11 -0500
Message-ID: <de807caa0906250743i3549bad0jcff78fe948ca4554_at_mail.gmail.com>



Adam,

As I mentioned, this is to plug a security gap. The password is embedded in an application we can't alter. I have a way to detect whether the login is coming from the application or elsewhere. My thought is to create a trigger that does something if someone tries to login to the account and they aren't coming from the application.
Not ideal, but then we don't always live in an ideal world.

Thanks for your ideas.
Dennis Williams

On Thu, Jun 25, 2009 at 9:28 AM, Adam Musch <ahmusch_at_gmail.com> wrote:

> One wonders why one doesn't simply lock the account.
>
> ALTER USER bad_user ACCOUNT LOCK;
>
> seems easier than writing a trigger.
>
> Similarly, you may wish to explore auditing and system/application contexts
> so that you could audit who's trying this account.
>
> On Thu, Jun 25, 2009 at 9:25 AM, Andrew Kerber <andrew.kerber_at_gmail.com>wrote:
>
>> yes, it is possible. It would be a system trigger.
>>
>>
>> On Thu, Jun 25, 2009 at 9:15 AM, Dennis Williams <
>> oracledba.williams_at_gmail.com> wrote:
>>
>>> List,
>>>
>>> To plug a security gap, I'm trying to create a trigger on a certain
>>> username. If the trigger condition is met, the trigger would force a logout.
>>> Is that possible?
>>>
>>> Thanks for any suggestions,
>>> Dennis Williams
>>>
>>
>>
>>
>> --
>> Andrew W. Kerber
>>
>> 'If at first you dont succeed, dont take up skydiving.'
>>
>
>
>
> --
> Adam Musch
> ahmusch_at_gmail.com
>

--
http://www.freelists.org/webpage/oracle-l
Received on Thu Jun 25 2009 - 09:43:11 CDT

Original text of this message