Re: Question about single-sign-on products

We are in the process of implementing Enterprise User Security <https://docs.oracle.com/database/121/DBIMI/toc.htm> where the authentication is done via the Kerberos tickets you get at windows logon. That requires a purchase of Directory Services Plus licenses (if you don't already have them or OID licenses). It no longer requires the advanced security option though. Engineering the solution was relatively straightforward once you get your head around the moving parts. The biggest challenge is the need to understand the new security model and to determine the best roles and groups etc for your users. It would also be possible to merely use Kerberos or SSL authentication as strong authentication <https://docs.oracle.com/database/121/DBSEG/strong_auth.htm#DBSEG491> (and SSO) for your individual database users.

On Wed, Jan 31, 2018 at 7:14 PM, Charles Schultz <sacrophyte_at_gmail.com> wrote:

> Good day,
>
> Just putting out feelers to see what experiences folks have had with
> various single-sign-on packages. We have a mix of Oracle and MS SQL Server,
> and use Active Directory a bit for the MS stuff.
>
> Thanks in advance,
>
> --
> Charles Schultz
>

-- 
Niall Litchfield
Oracle DBA
http://www.orawin.info

--
http://www.freelists.org/webpage/oracle-l