Results 1 to 3 of 3
  1. #1
    Join Date
    Oct 2002
    Cape Town, South Africa

    Unanswered: User management and scheme access management


    I was wondering, how should my user log into my application considering the app is connecting to the oracle db?

    a) Should I create a user table and store usernames/encrypt(password), or
    b) should I let oracle maintain user/password and the user will connect the app to the db using their login credentials?


  2. #2
    Join Date
    Jun 2004
    Provided Answers: 1
    The choice is yours, but my view on this is that Oracle already has the built-in ability to manage usernames & passwords, so why create more work for yourself?

    Is there a reason why Oracle shouldn't/can't handle the accounts?
    90% of users' problems can be resolved by punching them - the other 10% by switching off their PCs.

  3. #3
    Join Date
    Sep 2003
    Virginia, USA
    I like database user accounts, being an Old School DBA and all, but scalability is an issue. Managing 500 users across 10 databases is easy. If you have 50,000 users in your organization and they have mixed access to several hundred data sources ... time for an LDAP server to centrally manage the users. When you learn that user X is stealing corporate secrets, how do you lock his account in all databases in a reasonable amount of time? When someone retires, can you find all of the database that person had accounts in? In theory a LDAP would save time and money. Of course, it takes a lot of time and money to setup an LDAP. There's a financial equilibrium point to consider in your planning.
    Author, Oracle Database 10g: From Nuts to Soup

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts