Hi all,
I have a feature request for Oracle ODI and proxy authentication connections. From what I can tell these are not supported by the CONNECT TO command currently, so I was wondering how feasible it would be to build support into Genero for this feature?
The background for this is that currently we use an app_owner account to simulate an Informix database. Users connect as individual Oracle internal users and we ALTER TABLE SET CURRENT_SCHEMA to the app_owner user. It works great but users need ANY * privileges, which causes security exemptions at some of our bigger customers. It has been suggested by various Oracle DBA’s that we should be using proxy authentication…
http://docs.oracle.com/cd/E25054_01/network.1111/e16543/authentication.htmhttp://www.pythian.com/blog/the-power-of-the-oracle-database-proxy-authenticated-connections/http://www.dba-oracle.com/t_proxy_connect_authentication.htmApparently this was first added in Oracle 10gR2...
== working as DBA
SQL> CREATE USER app_owner IDENTIFIED BY vVukjkcCuIooCd1 DEFAULT TABLESPACE datadbs;
User created.
SQL> GRANT CONNECT, RESOURCE TO app_owner;
Grant succeeded.
SQL> ALTER USER app_owner QUOTA UNLIMITED ON datadbs;
User altered.
SQL> CREATE USER app_user IDENTIFIED BY J0K3MAWy6XiNOhZ DEFAULT TABLESPACE datadbs;
User created.
SQL> GRANT CONNECT TO app_owner;
Grant succeeded.
SQL> ALTER USER app_owner GRANT CONNECT THROUGH app_user;
User altered.
== working as app_owner
SQL> CONNECT app_owner/vVukjkcCuIooCd1
SQL> CREATE TABLE app_tab_1 (id integer, dsc varchar2(30));
Table created.
SQL> INSERT INTO app_tab_1 VALUES (1, 'A');
1 row created.
SQL> COMMIT;
Commit complete.
== connecting as app_user, working as app_owner
SQL> CONNECT
app_user[app_owner]/J0K3MAWy6XiNOhZ
Connected.
SQL> INSERT INTO app_tab_1 VALUES (2, 'B');
1 row created.
SQL> COMMIT;
Commit complete.
Kind regards,
David