Re: hide password for client sessions

"Mark C. Stock" <mcstockX_at_Xenquery .com> wrote in message news:XdidnYjFUumENczdRVn-iQ_at_comcast.com...
>
> "Howard J. Rogers" <hjr_at_dizwell.com> wrote in message
> news:4051a485$0$3956$afc38c87_at_news.optusnet.com.au...
> |
> | "John Leslie" <johnleslie_at_madasafish.com> wrote in message
> | news:4412dd31.0403120110.63bd27b9_at_posting.google.com...
> | > For security reasons I do not want my users to specify a password to
> | > an oracle user when starting an application on their PC. The
> | > application connects using Oracle 9.2 client. Can I default the
> | > password somewhere...in the sqlnet.ora file or somewhere?
> | >
> | > N.B. using OS authentication is not an oprion.
> |
>
> please elaborate -- are your users not authenticated on the network or is
> there some other technical or policital issue?
>
> |
> | Why? O/S authentication is, of course, nothing of the sort. O/S
> | authentication for ordinary users (create user fred identified
externally)
> | ultimately ends up being data dictionary authentication, with Oracle
> merely
> | confirming that the O/S user has an entry in the data dictionary.
> |
> | It requires no O/S setup, if that was your concern, unlike the true O/S
> | authentication that exists for privileged users (connect / as sysdba),
> which
> | requires O/S groups and memberships of said groups to be set up
correctly.
> |
>
> unless you use an oracle password file ;-{ mcs

In which case, it would be password file authentication, and not O/S authentication.

Let's try not to confuse the issue. Ordinary user O/S authentication is actually just data dictionary authentication. Privileged User O/S authentication requires setting up an O/S group and adjusting memberships accordingly. Privileged User Password File authentication requires setting up a password file.

HJR Received on Fri Mar 12 2004 - 06:26:08 CST