We are investigating using Proxy Authentication from asp.net web forms. The
idea is that we could preserve the identity of individual users in Oracle
without maintaining separate Oracle passwords for each of them.
This connection (odp.net) does just that:
con.ConnectionS tring ="Data Source=DB1;User Id=RealUser;Pro xy User
Id=TechnicalUse r; Proxy Password=Techni calUser"
The concern is how to protect the Proxy Password. Leaving it in clear text
in code is not acceptable. I am looking for suggestions of secure methods of
handling this password. I know this is not an 'Oracle server' issue but it
is an issue that must be resolved before we can adopt an attractive feature
of Oracle.
Today we do not store any passwords, each user is prompted to enter his own
password which is then authenticated by Oracle. We do not have Oracle
Advanced Security. We do have more than one Oracle database and the goal is
to reduce the number of passwords each user has to remember and change on a
regular basis.
idea is that we could preserve the identity of individual users in Oracle
without maintaining separate Oracle passwords for each of them.
This connection (odp.net) does just that:
con.ConnectionS tring ="Data Source=DB1;User Id=RealUser;Pro xy User
Id=TechnicalUse r; Proxy Password=Techni calUser"
The concern is how to protect the Proxy Password. Leaving it in clear text
in code is not acceptable. I am looking for suggestions of secure methods of
handling this password. I know this is not an 'Oracle server' issue but it
is an issue that must be resolved before we can adopt an attractive feature
of Oracle.
Today we do not store any passwords, each user is prompted to enter his own
password which is then authenticated by Oracle. We do not have Oracle
Advanced Security. We do have more than one Oracle database and the goal is
to reduce the number of passwords each user has to remember and change on a
regular basis.