DBAsupport.com Forums - Powered by vBulletin
Results 1 to 6 of 6

Thread: How does oracle perform OS authentication

  1. #1
    Join Date
    Oct 2000
    Location
    Saskatoon, SK, Canada
    Posts
    3,925
    I have been looking for the documents or white papers which talks on how oracle would perform an user authentication to the client system, when you perform a remote OS authentication.

    My question here is how does oracle confirms that the user who is logged into the client system is the owner before comparing the name with the oracle username. Does it take the uid and translate it to the username and then compares it to the database user name or what?

    Just got lost in this part of undestanding? There are no docs that talks about the steps that oracle would go through on authenticating the remote user to the database user whose identification had been set to external.

    Any information on this would greatly be appreciated.

    Sam
    Thanx
    Sam



    Life is a journey, not a destination!


  2. #2
    Join Date
    Dec 2000
    Location
    Ljubljana, Slovenia
    Posts
    4,439
    Sam,

    If you can get hand on "Oracle Security Handbook" (Osborne ORACLE Press Series) by Marlene L. Theriault - it has a very detailed description how OS authentication works, step by step. Separately for Unix and for Win$, as the process of user authentication differs substantialy between those two OS. I don't have the book handy, but I remember it describes this topic extremely understandable and in great detail.
    Jurij Modic
    ASCII a stupid question, get a stupid ANSI
    24 hours in a day .... 24 beer in a case .... coincidence?

  3. #3
    Join Date
    Oct 2000
    Location
    Saskatoon, SK, Canada
    Posts
    3,925
    Thanx Jurij,

    I'll check it out first thing tomorrow. I have been with oracle, discussing this issue for the last three days and they so far had only been giving me a wishy washy asnwer. My question was when the DB does a remote user authentication, how would oracle come to know of the os_user name. Does it get from the client environment or through the UID parameter. Looks like they weren't ready to answer this qustion. But for me it is necessary, if I want to authenticate the web users' scripts, through the web client.

    I'll as a first thing tomorrow would go through it. Thanx for pointing in the right direction.

    Thanx,
    Sam
    Thanx
    Sam



    Life is a journey, not a destination!


  4. #4
    Join Date
    Oct 2000
    Location
    Saskatoon, SK, Canada
    Posts
    3,925
    Jurij,

    The books seems to talk about the windows NTS had shake and not much about Unix. Any other sources of information.

    Sam
    Thanx
    Sam



    Life is a journey, not a destination!


  5. #5
    Join Date
    Mar 2001
    Posts
    314
    Sam,

    Take a loot at the Metalink doc#: Note:1038146.6

    Might help

    -amar

  6. #6
    Join Date
    Oct 2000
    Location
    Saskatoon, SK, Canada
    Posts
    3,925
    Yes, that did explain to an extent. But still my question is from where does it gets the OS_USERNAME? I know its a security issue. But I'm more interested in digging deep into it for learning purposes only. If any one had cracked it or have a work around, I'm very much interested in hearing it from you.

    If you do not want to reveal your identity here, please feel free to email me your suggestions. my email address is sambavan@alumni.utexas.net (Remeber to quote the DBSUPPORT discussion)

    I here by promiss to maintain the confidentiality!

    Thanx,
    Sam
    Thanx
    Sam



    Life is a journey, not a destination!


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Click Here to Expand Forum to Full Width