Application security question
From: Douglas Scott <dsscott_at_ev1.net>
Date: Tue, 20 Jul 1999 04:57:58 -0800
Message-ID: <Zr_k3.43$rf.14936_at_WReNphoon3>
[Quoted] [Quoted] My company has a requirement to validate that a user [Quoted] is really who they are suppose to be within a particular application. This is mainly caused by computers being in a shared area which means that someone could login to the database with their Oracle account and then another person access the application and make a change that that person would not be able to do if they were logged into the database using their own account. What we want to do is implement a second layer of security that will prompt the user for a password if they try to update an item that has been identified as a restricted item. Does anyone know of good way to do this? We don't want to store a password in a table that someone could see through sql.
Date: Tue, 20 Jul 1999 04:57:58 -0800
Message-ID: <Zr_k3.43$rf.14936_at_WReNphoon3>
[Quoted] [Quoted] My company has a requirement to validate that a user [Quoted] is really who they are suppose to be within a particular application. This is mainly caused by computers being in a shared area which means that someone could login to the database with their Oracle account and then another person access the application and make a change that that person would not be able to do if they were logged into the database using their own account. What we want to do is implement a second layer of security that will prompt the user for a password if they try to update an item that has been identified as a restricted item. Does anyone know of good way to do this? We don't want to store a password in a table that someone could see through sql.
Thanks
Douglas Scott
-**** Posted from RemarQ, http://www.remarq.com/?c ****- Search and Read Usenet Discussions in your Browser Received on Tue Jul 20 1999 - 14:57:58 CEST