Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: encrypt passwords and hold on Oracle tables

RE: encrypt passwords and hold on Oracle tables

From: Jamadagni, Rajendra <rajendra.jamadagni_at_espn.com>
Date: Tue, 15 Aug 2000 13:45:22 -0400
Message-Id: <10590.114631@fatcity.com>


We implemented a similar thing for intranet stuff. Users and their passwords are maintained in a specific table. The password column is visible only to table owner, other users access the table (if need be) through a view which just shows userid and modules to which they can access. The encrypt/decrypt is performed by RC4 (a fine utility from our own Jared Still), and works flawlessly. Once the users are validated, we have a specific user which actually connects to the DB (managed through a DTD, yes, I know but some portion is still on OWS) and data can be accessed.

BTW, that problem with "logical user", have you considered 'BECOME USER' ? Once your logical user is validated, programmatically issue a BECOME USER and then access the database.

HTH
Raj



Rajendra Jamadagni MIS, ESPN Inc.
Rajendra dot Jamadagni at ESPN dot com
QOTD: Any clod can have facts, but having an opinion is an art ! Any opinion expressed here is personal and doesn't reflect that of ESPN Inc. Received on Tue Aug 15 2000 - 12:45:22 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US