Ask the Expert

Trigger to track user password changes in table

I need to create a trigger which tracks user password changes into a table my_table. I have a database user who has alter user privileges and would like him to change users who belong to his group. That is, when the user changes the password for a user, the trigger fires and inserts info into my_table. In case this user tries to change another user's password, the trigger should fire again telling him 'cannot alter the user.'

I'm enclosing the trigger code I wrote:

 create or replace trigger LOGG_TRAIL
  before alter on database
  when (ora_dict_obj_type = 'USER' and 
ora_dict_obj_name != user
        and sys_context('USERENV','ISDBA') = 'FALSE' ); 
declare
  by_user  varchar2(30);
  to_user  varchar2(30);
  vprofile varchar2(30);
begin
  select to.PROFILE into vprofile
  from DBA_USERS by, DBA_USERS to
  where by.USERNAME = user
  and to.USER_NAME = ora_dict_obj_name
  and by.PROFILE = to.PROFILE;
 
  insert into TRAIL_TEMP (USER_ALTERED, PASSWORD_MODIFIED_BY, 
PASSWORD_MODIFIED_DATE, PROFILE)
  values (ora_dict_obj_name, user, sysdate, vprofile); exception
  when others then
    raise_application_error (-20001,'can''t alter user'); end; /
This gives errors. Can you please check it? Your help will be highly appreciated.

    Requires Free Membership to View

If I had to perform this action, I would take a slightly different route. Each user is assigned a profile and that profile can include a password verification function. There is nothing stopping you from coding your rules in that password verification function. This function can insert rows of data into another table and raise exceptions.

This was first published in August 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: