Home » RDBMS Server » Networking and Gateways » Authentication for connected user database links (11.x)
Authentication for connected user database links [message #587471] Sat, 15 June 2013 11:18 Go to next message
John Watson
Messages: 8960
Registered: January 2010
Location: Global Village
Senior Member
I know how to use database links in various forms, but I've been trying to think through how the authentication works for a connected user link in 11g. If I create the link like this,
create public database link using 'orcl';
then any user can use the link, provided they have an identical username/password in the two databases. With pre-11g passwords, it was understandable: the password was salted with the username, so the hash of the password would be the same in both databases, and I assumed that the logon through the link used some sort of IDENTIFIED BY VALUES mechanism. But in 11g, the salt will different in the two databases. So the hash will be different. And of course Oracle never stores the actual password. So I don't see how the authentication works. Can anyone explain?
This doesn't have any practical value at the moment, but I would be grateful for any insight.
Re: Authentication for connected user database links [message #587704 is a reply to message #587471] Tue, 18 June 2013 03:23 Go to previous message
John Watson
Messages: 8960
Registered: January 2010
Location: Global Village
Senior Member
For completeness:
It has been suggested to me that the password presented at logon is stored for the duration of the session (in PGA, I suppose) and so can be presented to the remote database when using the database link. I can think of possible complications with this model when using a shared public database link or a database resident connection pool, but it sounds plausible.
Previous Topic: ORA-12154: TNS:could not resolve service name
Next Topic: Listener - starting on both the port
Goto Forum:
  


Current Time: Thu Nov 21 23:23:33 CST 2024