Location: The Official Oracle Wiki

Discussion: Authentication: Database vs ApplicationReported This is a featured thread

Category: Discussion Forum / General Discussion
Showing 1 post

deucewildwood
Authentication: Database vs Application
Dec 3 2007, 6:32 PM EST | Post edited: Dec 3 2007, 6:32 PM EST
We plan to expose our data warehouse to our extranet which would imply a userbase in the low thousands (5-10). The current direction is to use Directory Services (aka Virtual Directory) to leverage our inhouse LDAP (Tivoli) and AD directories for authentication. Is it crazy to authenticate at the database level as opposed to using service accounts? Some security specialists I've had conversations with contend that it is. Part of the justification is the fine grain security (VPD) will need to have individual information (e.g. physicians only being able to see claims they serviced). Justification "part 2" is that we do not want to enforce fine grained security at the app level. Business Objects is our "primary" interface, but there are still other avenues to the data. 1  out of 7 found this valuable. Do you?    

Sign in to be the first to reply.

Related Content

  (what's this?Related ContentThanks to keyword tags, links to related pages and threads are added to the bottom of your pages. Up to 15 links are shown, determined by matching tags and by how recently the content was updated; keeping the most current at the top. Share your feedback on Wetpaint Central.)
start isql plus Eventos MK Tecnología Oracle Tweeters
siebel gadget API Can i send a meeting request in MSN Outlook from Oracle Why Doesn't the ODP.NET provide built in paging that is easier to use?
weblogic10 how to auto reload .xml ? Oracle Business Transformation Tour decode statement
format windows Call for Papers 2010 Conference New Zealand Oracle Users Group