Re: Capturing user / password For Failed Logins
Date: Thu, 14 Jan 2016 13:37:20 +0000
Message-ID: <923AB1F4-D958-4BB6-B56B-BF45874E3065_at_travelclick.com>
What was previous db version? Could password case sensitivity be an issue?
On Jan 14, 2016, at 8:34 AM, Scott Canaan <srcdco_at_rit.edu<mailto:srcdco_at_rit.edu>> wrote:
We have an application that is getting an ORA-01017 when trying to connect to the database. This is a new environment for this application. In the past, the application was running on one server and the database on another. To attempt to speed things up, we’ve co-located the application and database, along with an upgrade to Oracle 12.1.0.2. In doing so, I installed both the Oracle database software and Oracle client software in the same Oracle Home. The idea is to use a bequeath connection and bypass the network to eliminate the network traffic.
If the user uses SQL*Plus, they can connect to the database. Using the same login, the application itself gets the ORA-01017. It is a COBOL application. The vendor is insisting that they are passing the correct password. The SA is insisting that I have to turn some tracing on to show the password being passed in. As far as I know, the password is encrypted in the login process.
Is there any way to get this information? The vendor refuses to help us until we can prove that the password being sent is wrong.
Scott Canaan ’88 (srcdco_at_rit.edu<mailto:srcdco_at_rit.edu>)
(585) 475-7886 – work (585) 339-8659 – cell“Life is like a sewer, what you get out of it depends on what you put into it.” – Tom Lehrer
-- http://www.freelists.org/webpage/oracle-lReceived on Thu Jan 14 2016 - 14:37:20 CET