Home > Ask the Oracle Database / Applications Experts > Questions & Answers > Can a single user be bound by a given TNS?
Ask The Oracle Expert: Questions & Answers
EMAIL THIS

Can a single user be bound by a given TNS?

Dan Norris EXPERT RESPONSE FROM: Dan Norris

Pose a Question
Other Oracle Categories
Meet all Oracle Experts
Become an Expert for this site
>
QUESTION POSED ON: 09 April 2004
Can a single Oracle user be bound by a given TNS? Just like: sqlplus scott/tiger@ONLYSCOTTALLOWED.

No other users used this ONLYSCOTTALLOWED db connection.

If it is possible, then please give me a solution. I am developing Web applications in PHP and want to access the only authorized Oracle single user. (This single user should have only select privileges on other users' tables.)

There are lot of Oracle users that could use this connection. So this couldn't be solved through grants or roles.


>
There is no permissions structure built into the TNS layer. Besides, one should not mistake obsecurity with security. By hiding the TNS connect descriptor, you may have made it more difficult for a user to connect to the database, but you have not prohibited them from doing so.

Security should be built in each layer starting with the layer closest to the data. In the case of Oracle, you should start with database security. If you have a single user that needs some special access, they should be issued their own database account with special privileges. If your client systems have static IP addresses, you may wish to consider using the sqlnet.ora parameters TCP.VALIDNODE_CHECKING, TCP.INVITED_NODES, and TCP.EXCLUDED_NODES to control which clients are allowed to connect to your listener.

The only solution to preserve security in your case is by using appropriate database grants or roles. Anything else will not sufficiently protect your data. Generally speaking, it is bad practice to share database accounts between multiple users. You've paid for a product that includes considerable security measures, but you have to use them to protect yourself!


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Oracle White Papers: Fusion Middleware
HomeNewsTopicsTipsAsk the ExpertsMultimediaWhite PapersProductsBlogs
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts