Re: Need OS User from Web Service call

From: mohammed bhatti <mohammed.bhatti1_at_gmail.com>
Date: Fri, 11 Jan 2013 15:34:06 -0500
Message-ID: <CAPio1UT0mkkAXuZSaKMi7+d1bgiZmBTyeNqzc7=uQLSF1icy=Q_at_mail.gmail.com>

Hi,
Just to back up Job Miller's post, I was able to setup proxy authentication using Java/Tomcat/11gR2 with client auth. This allows the session using the proxy to be audited as well which is requirement in some environments.

It essentially works as a poor man's SSO without the need of an LDAP where Tomcat does the authentication and the database does the authorization.

--
mohammed

On Fri, Jan 11, 2013 at 1:23 PM, TJ Kiernan <tkiernan_at_pti-nps.com> wrote:



> Change the default

>    SQLNET.AUTHENTICATION_SERVICES= (NTS)

> to

>    SQLNET.AUTHENTICATION_SERVICES= (NONE)

>

> in the client's sqlnet.ora.  Worked for us (there may be some odp.netparameters I'm also unaware of, so sorry if this is an incomplete answer).

>

> Thanks,

> T. J.

>

>

> -----Original Message-----

> From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org]

> On Behalf Of Jeff Chirco

> Sent: Friday, January 11, 2013 10:27 AM

> To: oracle-l_at_freelists.org

> Subject: Need OS User from Web Service call

>

> Currently for our .Net applications call a web service that runs in IIS

> which then access the Oracle database.  When I query v$session the OS User

> listed as making the call shows as "SYSTEM".  Does anybody know if it is

> possible to have the actual OS User that made the originating call?  I am

> not sure if this is possible because the call is going through a middle

> tier.

> Thanks.

>

> --

> http://www.freelists.org/webpage/oracle-l

>

>

> --

> http://www.freelists.org/webpage/oracle-l

>

>

>



--
http://www.freelists.org/webpage/oracle-l

Received on Fri Jan 11 2013 - 21:34:06 CET