As with most companies nowadays, my company is making an effort towards storing username and passwords in central location. So that the username-password of a user to login to his computer is the same username-password he/she would use to login to the database.

How do you accomplish this in Oracle?

I've heard of using "identified by externally" - but it's not clear that it's a solid solution - there's talks that there are great security holes inherent with this.

Our users uses Windows workstation and our Oracle servers are Unix (Sun Solaris). We use Active Directory and iPlanet for directory services - NIS+ is still being used but supposed to be phased out.

Some application that uses java have been changed to use the directory services for authenticating the user.

But what about application where the user uses an Oracle account? - such as in applications using forms...

Is there a way to reach this goal of centralling storing authentications information in a central repository?