Topic awaiting preservation: Oracle Restrict User Access by IP (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=29036" title="Pages that link to Topic awaiting preservation: Oracle Restrict User Access by IP (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: Oracle Restrict User Access by IP <span class="small">(Page 1 of 1)</span>\$

WarMage Maniac (V) Mad Scientist From: Rochester, New York, USA Insane since: May 2000	posted 03-09-2007 21:43 In mysql we create users and privileges through a grant statement. An example would be: code: grant all privileges on database.* to user@[b]192.168.1.102[/b] identified by 'password' In the above statement we are only allowing user access to the database if they are coming from the specific IP address 192.168.1.102 any other requests with a valid username and password coming from different IP addresses will automatically be denied. Does oracle have any feature that is similar to this? I have done some looking at this and it looks like the closes they have is setting something like a login trigger which seems very convoluted to me. I am really glad that I am not an oracle DBA the more I see of this database the more I wonder why it is the leader. Dan Code Town \| Zombie Head
Tyberius Prime Maniac (V) Mad Scientist with Finglongers From: Germany Insane since: Sep 2001	posted 03-10-2007 21:15 always believed this to be part of the standard, so have you tried in oracle?
WarMage Maniac (V) Mad Scientist From: Rochester, New York, USA Insane since: May 2000	posted 03-11-2007 05:55 Our DBA tells me that this is not the way that Oracle works. He says that there are ways to accomplish the same type of thing but it is a bit more complex than setting the user's rights. The reason he give is that Oracle is not really designed to be a database for web applications. It is a data warehousing application and different security constraints were created to better accommodate this. The reason I am asking is that I was on a conference call with one of our clients DBA's talking about security, and when I mentioned setting up oracle to limit access for a given account by IP address she had no idea what I was talking about. I have done looking on my own and the only ways I see this being done is with a trigger that is fire on login, or setting some values in an oracle setup file, neither of which seem like a standard way of limiting access by IP. I believe oracle is just behind this featuer wise. Dan Code Town \| Zombie Head
Skaarjj Maniac (V) Mad Scientist From: :morF Insane since: May 2000	posted 03-16-2007 15:21 Having looked into this myself, I believe you're right. The trigger seems to be the best way to do it, once you get it right, but Oracle is sadly lagging behind in this area. Do you have to use Oracle for this project? Justice 4 Pat Richard
WarMage Maniac (V) Mad Scientist From: Rochester, New York, USA Insane since: May 2000	posted 03-16-2007 16:40 Just not possible. Our application is tied to oracle pretty tightly as are our clients. Dan Code Town \| Zombie Head

Topic awaiting preservation: Oracle Restrict User Access by IP (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=29036" title="Pages that link to Topic awaiting preservation: Oracle Restrict User Access by IP (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: Oracle Restrict User Access by IP <span class="small">(Page 1 of 1)</span>\$

WarMage
Maniac (V) Mad Scientist

From: Rochester, New York, USA
Insane since: May 2000

posted 03-09-2007 21:43

In mysql we create users and privileges through a grant statement.

An example would be:

code:

grant all privileges on database.* to user@[b]192.168.1.102[/b] identified by 'password'

In the above statement we are only allowing user access to the database if they are coming from the specific IP address 192.168.1.102 any other requests with a valid username and password coming from different IP addresses will automatically be denied.

Does oracle have any feature that is similar to this? I have done some looking at this and it looks like the closes they have is setting something like a login trigger which seems very convoluted to me.

I am really glad that I am not an oracle DBA the more I see of this database the more I wonder why it is the leader.

Dan
Code Town | Zombie Head

Tyberius Prime
Maniac (V) Mad Scientist with Finglongers

From: Germany
Insane since: Sep 2001

posted 03-10-2007 21:15

always believed this to be part of the standard, so have you tried in oracle?

WarMage
Maniac (V) Mad Scientist

From: Rochester, New York, USA
Insane since: May 2000

posted 03-11-2007 05:55

Our DBA tells me that this is not the way that Oracle works. He says that there are ways to accomplish the same type of thing but it is a bit more complex than setting the user's rights.

The reason he give is that Oracle is not really designed to be a database for web applications. It is a data warehousing application and different security constraints were created to better accommodate this.

The reason I am asking is that I was on a conference call with one of our clients DBA's talking about security, and when I mentioned setting up oracle to limit access for a given account by IP address she had no idea what I was talking about.

I have done looking on my own and the only ways I see this being done is with a trigger that is fire on login, or setting some values in an oracle setup file, neither of which seem like a standard way of limiting access by IP.

I believe oracle is just behind this featuer wise.

Dan
Code Town | Zombie Head

Skaarjj
Maniac (V) Mad Scientist

From: :morF
Insane since: May 2000

posted 03-16-2007 15:21

Having looked into this myself, I believe you're right. The trigger seems to be the best way to do it, once you get it right, but Oracle is sadly lagging behind in this area. Do you have to use Oracle for this project?

Justice 4 Pat Richard

WarMage
Maniac (V) Mad Scientist

From: Rochester, New York, USA
Insane since: May 2000

posted 03-16-2007 16:40

Just not possible. Our application is tied to oracle pretty tightly as are our clients.

Dan
Code Town | Zombie Head