Call now: 252-767-6166  
Oracle Training Oracle Support Development Oracle Apps

 
 Home
 E-mail Us
 Oracle Articles
New Oracle Articles


 Oracle Training
 Oracle Tips

 Oracle Forum
 Class Catalog


 Remote DBA
 Oracle Tuning
 Emergency 911
 RAC Support
 Apps Support
 Analysis
 Design
 Implementation
 Oracle Support


 SQL Tuning
 Security

 Oracle UNIX
 Oracle Linux
 Monitoring
 Remote s
upport
 Remote plans
 Remote
services
 Application Server

 Applications
 Oracle Forms
 Oracle Portal
 App Upgrades
 SQL Server
 Oracle Concepts
 Software Support

 Remote S
upport  
 Development  

 Implementation


 Consulting Staff
 Consulting Prices
 Help Wanted!

 


 Oracle Posters
 Oracle Books

 Oracle Scripts
 Ion
 Excel-DB  

Don Burleson Blog 


 

 

 


 

 

 
 

Using Advanced Security And OID To Create A Database SSO Environment

Oracle Tips by Burleson Consulting
Mark Rittman
January 24, 2004

"I am in the process of implementing oid and security in datawarehosuing environment very similar to whatever I have read in your fantastic paper. I have asked and queried a few oracle gururs who come up with answers that everything is possible with oid w/o really understanding the shortfalls in the product. your paper was very helpful and I though I could ask you a few clarifications on this.

  • this is the scenario I am dealing with now. we have a few databases with a big set of user community. I would like to store the userids and passwords for all these users in a single oid instance so that it gives a single-sign on effect when users access these databases. so when they have access to tools like sqlplus can this be achieved?
  • and I understand that u can have the 9i database use the oid to store userid and password and u talk about syncing up the userids and passwords. here is my question
  • I have database A,database B having a common user C. when C is created in database A can his password and privileges be linked to database B too. that is the syncing you are talking about is it two-way from database to oid and oid to database too.

can you please tell me whether you have any other documentation on setting up oid and the usual gotchas that one has to keep in mind when testing them."

It looks like what you're looking for is the 'Advanced Security Option' for the Oracle 9i database. The "Oracle 9i Advanced Security Release 2 Factsheet" on OTN gives a good overview of this Oracle 9i option.

In particular, Advanced Security can be used to set up global users, roles and accounts that can be used across a set of Oracle Database applications, with full details of how these are set up given in the OTN document "Oracle Advanced Security 9i: Enterprise User Security"

Looking at what Advanced Security does, you wouldn't need to sync the OID to the database users and roles, as Advanced Security would do this for you. Also, you wouldn't need to sync individual OIDs with each other, as there's just one OID instance per enterprise. The only time you'd need to sync OID instances is if you want to synchronize the 9i Database OID with the 9iAS OID instance (or indeed sync either with the Oracle Apps 11i OID instance) to achieve single sign-on across the complete Oracle technology stack.

In terms of Gotchas - well, first of all, bear in mind that Advanced Security is a pay-extra option for the database. Also, be prepared to spend a bit of time getting it all set up. In addition, whilst setting up Advanced Security on your database is a fairly well-trodden path, synchronizing it with 9iAS or Oracle Apps is a far more complex task (and with no clear 'best practice' in this area published by Oracle), although I've been told by Oracle support that this whole area is much simpler to set up with Oracle Application Server 10g. Haven't tried it myself though.

You can find out more details on Oracle Advanced Security on OTN's Advanced Security product page.

 
Get the Complete
Oracle SQL Tuning Information 

The landmark book "Advanced Oracle SQL Tuning  The Definitive Reference"  is filled with valuable information on Oracle SQL Tuning. This book includes scripts and tools to hypercharge Oracle 11g performance and you can buy it for 30% off directly from the publisher.

 

 

��  
 
 
Oracle Training at Sea
 
 
 
 
oracle dba poster
 

 
Follow us on Twitter 
 
Oracle performance tuning software 
 
Oracle Linux poster
 
 
 

 

Burleson is the American Team

Note: This Oracle documentation was created as a support and Oracle training reference for use by our DBA performance tuning consulting professionals.  Feel free to ask questions on our Oracle forum.

Verify experience! Anyone considering using the services of an Oracle support expert should independently investigate their credentials and experience, and not rely on advertisements and self-proclaimed expertise. All legitimate Oracle experts publish their Oracle qualifications.

Errata?  Oracle technology is changing and we strive to update our BC Oracle support information.  If you find an error or have a suggestion for improving our content, we would appreciate your feedback.  Just  e-mail:  

and include the URL for the page.


                    









Burleson Consulting

The Oracle of Database Support

Oracle Performance Tuning

Remote DBA Services


 

Copyright © 1996 -  2017

All rights reserved by Burleson

Oracle ® is the registered trademark of Oracle Corporation.

Remote Emergency Support provided by Conversational