Home » RDBMS Server » Security » Restricting users depending on IPaddress
Restricting users depending on IPaddress [message #223683] Sat, 10 March 2007 06:19 Go to next message
shanky
Messages: 2
Registered: March 2007
Location: India
Junior Member

Hi,

Firstly I am new to this forum. My sincere apologies if am not following any rules.

We are developing an application from our college. For this application, we are planning to introduce an additional layer of security by resticting user on the basis on IP address. My project manager says that he wants only the middle ware and the console users to be able to connect with the database. Can any one tell me in detail how this can be done. Does this require creation of triggers and procuders? I heard 'bt the sys_context function, but i did not get clear idea how this function can be used for this purpose

Thanks in advance
Re: Restricting users depending on IPaddress [message #223684 is a reply to message #223683] Sat, 10 March 2007 06:35 Go to previous messageGo to next message
Mahesh Rajendran
Messages: 10708
Registered: March 2002
Location: oracleDocoVille
Senior Member
Account Moderator
Look into sqlnet.ora settings like TCP.EXCLUDED_NODES and TCP.VALIDNODE_CHECKING
Re: Restricting users depending on IPaddress [message #223686 is a reply to message #223683] Sat, 10 March 2007 06:38 Go to previous messageGo to next message
Mahesh Rajendran
Messages: 10708
Registered: March 2002
Location: oracleDocoVille
Senior Member
Account Moderator
And
>>only the middle ware and the console users to be able to connect with the database
Please re-phrase.
If you are looking to restrcit users from using a specific tool like say, toad.exe it will not work.
All the user needs to do is, rename toad.exe to somethingelse.exe and continue to work.
Re: Restricting users depending on IPaddress [message #223749 is a reply to message #223686] Sat, 10 March 2007 22:44 Go to previous message
shanky
Messages: 2
Registered: March 2007
Location: India
Junior Member

Hi,

Firstly Mr.Mahesh, many thanks for replying

>>Only the middle ware and the console users have to connect to the >>database.

By this i meant that only the middleware server(like EJB server in java,when using MVC architecture) and the database admins should be able to access the database server. All the other attempts to access the database should be nullified.

Also, what additional measures can be taken to deal with IP spoofing

Thanks in advance

Karthik
Previous Topic: Oracle users in third-party LDAP
Next Topic: OLS & Streams
Goto Forum:
  


Current Time: Wed Dec 04 13:47:52 CST 2024