Friday, May 17, 2013

Security Administering Authent - Part 4

Dear Readers,

My name is Franz Devantier, creator of this blog.  I am an Oracle Certified Professional (OCP DBA 11g) Security DBA.  I will be sharing with you the basic duties of an Oracle DBA, and also some of the undocumented, and not so well known tasks. 


Security Administering Authentication  -  Part 4 of 4
Authorizing a Middle Tier to Proxy and Authenticate a User Example
The statement below authorizes the middle-tier server “appserverx” to connect to the database as user “fred”. appserverx will activate all the roles associated with “fred”, except for the genledger role.

SQL> ALTER USER fred
   GRANT CONNECT THROUGH appserverx
   WITH ROLE ALL EXCEPT genledger;

To revoke the authorization of the middle-tier server “appserverx” to connect as user “fred”, use a statement like the one below.
SQL> ALTER USER fred REVOKE CONNECT THROUGH appserverx;

Authorizing a Middle Tier to Proxy a User Authenticated by Other Means Example
To authorize a user to be proxied by a middle tier, but not authenticated by the middle tier, use the AUTHENTICATED USING clause of the ALTER USER … GRANT CONNECT THROUGH statement. In 10g, PASSWORD was the only supported means of achieving this goal.

SQL> ALTER USER  fred
   GRANT CONNECT THROUGH appserverx
   AUTHENTICATED USING PASSWORD;

This means that the middle tier “appserverx” is authorized to connect as user “fred”, but the middle tier must also pass fred's password to the database, to be authenticated by the database server.
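
One way to review the proxy grants described in both sections once they are in place. This is an added example, not code from the original post; it assumes a DBA session with access to the DBA_PROXIES and DBA_ROLE_PRIVS dictionary views and reuses the post's names (fred, appserverx, genledger).

```sql
-- Added example: review proxy authorizations (run as a DBA).
-- Assumes the grants from the post were issued; names are the post's own.

-- 1. Every proxy grant: which middle tier may connect as which user,
--    whether the client's own credentials are required (AUTHENTICATION),
--    and which role constraint was recorded for the grant.
SELECT proxy,
       client,
       authentication,
       authorization_constraint,
       role
FROM   dba_proxies
ORDER  BY client, proxy;

-- 2. Roles actually granted to each proxied user, to compare against the
--    constraint above. A proxy limited with WITH ROLE ALL EXCEPT ...
--    still reaches every other role listed here.
SELECT p.proxy,
       p.client,
       rp.granted_role
FROM   (SELECT DISTINCT proxy, client FROM dba_proxies) p
       JOIN dba_role_privs rp
         ON rp.grantee = p.client
ORDER  BY p.client, rp.granted_role;

-- 3. From inside a proxied session (in SQL*Plus: CONNECT appserverx[fred]),
--    confirm who the session is running as and who opened it.
SELECT SYS_CONTEXT('USERENV', 'PROXY_USER')   AS proxy_user,
       SYS_CONTEXT('USERENV', 'SESSION_USER') AS connected_as
FROM   dual;

-- 4. Roles enabled in that proxied session; use this to check that a role
--    excluded in the grant (genledger in the post) is not active.
SELECT role
FROM   session_roles
ORDER  BY role;
```

Steps 3 and 4 apply to the first grant in the post; with AUTHENTICATED USING PASSWORD the middle tier must also supply fred's password when it opens the proxy session.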

Franz Devantier