Tuesday 10 September 2013

Rough notes on Proxy connections

Oracle® Database Security Guide
12c Release 1 (12.1)
E17607-19
Creating Proxy User Accounts and Authorizing Users to Connect Through Them
http://docs.oracle.com/cd/E16655_01/network.121/e17607/authentication.htm#DBSEG99851

I just want to document in 'Connections with Proxy Authentication' that there are two ways of doing proxy users a single session way and a double session way It looks like people will in future go for the simpler single session way.

There are two ways of doing proxy logins:
where p1 is proxy user and c1 is proxy client:

(Mapping over from the doc link: p1=appuser, c1=preston)
1/single session method (if no 2nd password or distinguished name required)
on main connection popup
user: p1[c1]
password: p1

2/Two session method
Main Connection popup
user: p1
password p1

popup connection authentication
-proxy client is correct - was (2009) labeled proxy user which is the name for p1[

proxy client: c1
none or password or distinguished name

password:
(
To create proxy client with password authentication:
CREATE USER c1 IDENTIFIED BY ;
ALTER USER c1 GRANT CONNECT THROUGH p1 AUTHENTICATED USING PASSWORD;
GRANT create session TO c1;

)

TODO - cover Distinguished Name authentication