Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: logon trigger - getting program version information of application connecting

Re: logon trigger - getting program version information of application connecting

From: Niall Litchfield <niall.litchfield_at_dial.pipex.com>
Date: Tue, 16 Mar 2004 21:03:56 -0000
Message-ID: <40576bbc$0$10150$cc9e4d1f@news.dial.pipex.com> 





<OracleSupport-dropthis_at_shaw.ca> wrote in message
news:r08d50lbh7k83435n23tmg04skrgona0pi_at_4ax.com...


> On Mon, 15 Mar 2004 10:18:32 -0000, "Niall Litchfield"

> <n-litchfield_at_audit-commission.gov.uk> wrote:

>

> >Do the users have their own oracle accounts or is there one for the app.

We


> >have the same problem with the latter scenario and just change the db

> >password and only distribute the password to new releases - done at

install


> >of new release time.

>

> There are two levels of security (if you can call it that).

>

> The first level is handled by the application which stores a userid,

> password combination for each user and a few other details in an

> encrypted file outside the database. The second level connects all

> users to the databases with a single (schema) password. I believe this

> was a carry over from the initial application design when it didn't

> use Oracle at all. The developers must have felt it was too much work

> to do the security properly (or a nice way to cut corners and reduce

> costs).

>

> As the application does the "real" security check, changing the schema

> password has no effect on the users as long as they get authenticated

> by the front end.




I don't understand this. if you change the schema password (which must be
stored in the app somewhere) and then only distribute the new password with
the new version of the app doesn't that achieve what you want? Or are you
saying that the schema password is stored in the app AND CANNOT BE CHANGED
because all versions of the app have the same password. That would be
remarkably stupid.



>

> Our stats today showed an abysmal 75% success rate for the workstation

> upgrades.




about par.



> Working with these types of applications certainly make the job more

> challenging.




indeed.



--
Niall Litchfield
Oracle DBA
Audit Commission UK
*****************************************
Please include version and platform
and SQL where applicable
It makes life easier and increases the
likelihood of a good answer
******************************************


Received on Tue Mar 16 2004 - 15:03:56 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US