Re: Username of a user connecting to a database via an application server

From: Galen Boyer <galen_boyer@xxxxxxxxx>
Date: 27 Jul 2006 19:42:02 -0500

On 27 Jul 2006, Utpal.Dhar@xxxxxxxxx wrote:

We have a J2EE application and we use Orion application server to
connect to the database. All these connections to the database are
made as a single user. Now it becomes difficult to find out what is
the SID of a particular user because everyone connects as the same
user. It becomes difficult to identify which user is doing what.

Is there a way to overcome this.

Yes, but no way that won't involve some architecture overhaul around how
you handle connections and credentials of your users, as well as tieing
these to users in the database itself. (Your architects should be taken
to task cause they should have thought of this long before the heavy
coding started)

There is a concept in Oracle of "Proxy User", which your single user
would be one. A proxy user's main purpose in life is really to "act on
behalf of others". But, you need to code this in your connection
classes cause it usually isn't supported by app server vendors, plus the
database would need to know who the "on behalf of" is, so you'd need to
create them as oracle users. (I don't know if the "behalf of" can work
with a home grown users table).

There is LDAP support directly with Oracle, but you need to be running
Oracle's Application server (Your app doesn't need to be executing in
this container but the OAS needs to be executing). Then, you need to
wire the LDAP up to Oracle with some sort of code (I think this uses
context). I'm not sure if Oracle just gives this right out of the box.

There is also a homegrown way of doing this. Every time you get a
connection to use for some sequence of operations, you can first issue a
sys_context("userid behind the click") modification which lands who the
user is on the context of the connection. But, yet again, the database
needs to understand who this is.

At the end of the day, code in the database will need to understand "who
is using the connection" if you want anything intelligent to happen once
the wiring is set up. A simple example is triggers could pick up and
log who did what operation.

--
Galen Boyer
.

References:
- Username of a user connecting to a database via an application server
  - From: picksdba

Prev by Date: Re: Is PUBLIC permission on system objects necessary for Oracle to run
Next by Date: Re: Possible Tune-up?
Previous by thread: Re: Username of a user connecting to a database via an application server
Next by thread: Jinitiator problem - openning a new window
Index(es):
- Date
- Thread

Relevant Pages

RE: ADO.Net Connection Pooling Problem with Oracle
... the CLR is releasing the connection to your database. ... the number of database sessions in Oracle seem to ...
(microsoft.public.dotnet.framework.adonet)
Re: Connecting to an Oracle Database
... You can also use FrontPage, ... Click Add to Catalog under "Database Connections" ... Put in your Oracle connection string in the custom connections dialog ...
(microsoft.public.sharepoint.windowsservices)
Re: ADO Connection Timeout
... so what happens when a connection failure forces one station to revert ... to a local database? ... Further, you *will* have contention issues, Jet does not support record ... to the central server, but you are willing to live with periods where it ...
(microsoft.public.data.ado)
ANN: Sequel 3.11.0 Released
... Sequel is a lightweight database access toolkit for Ruby. ... Sequel provides thread safety, connection pooling and a concise DSL ... for constructing database queries and table schemas. ...
(comp.lang.ruby)
RE: Query Oracle, show results (need help!!)
... After the DB connection, put this... ... I am trying to log into an Oracle database, ... Prepare the SQL statement for running and it'll be stored in Oracle buffer ...
(perl.beginners)