Often the information held inside databases is not for everyone to see. In this chapter we will learn about the various security mechanisms that are available, such as Oracle usernames, and how to restrict access to certain tables and the actions that a user can perform.
Database Users
Before anyone can access anything inside the database, they have to logon. In Oracle 8.0.3 this would be using an Oracle username and password as shown in Figure 7.1. This username and password is completely different from the username and password that you used to logon to NT. There is no direct relationship between these two usernames and they are maintained using different tools. Database users can be created using SQL, but the examples shown here will use the Security Manager GUI.
Figure 7.1: Oracle Database Logon
Having to maintain two sets of usernames and passwords can be viewed as a lot of extra maintenance. Oracle8 provides a very useful facility where access to the database can be granted dependant on your NT username. If the initialization parameter OS_AUTHENT_PREFIX="" and a username is created in the Oracle database with a password type of external that is identical to your NT username. Then you can immediately logon to the database. According to the NT documentation this feature should be available, but in Oracle 8.0.3 it is not yet available.
An important decision for the DBA is how usernames will be allocated and maintained. Your organization may already...
Copyright Butterworth-Heinemann 1998 under license agreement with Books24x7