RE: Auditing original user in an n-tier environment

• From: "Vlado Barun" <vlado@xxxxxxxxxx>
• To: <george.rusnak@xxxxxxxx>, <oracle-l@xxxxxxxxxxxxx>
• Date: Mon, 9 May 2005 14:38:39 -0400

Option 1: Use oracle n-tier proxy authentication, see
http://download-west.oracle.com/docs/cd/B10501_01/network.920/a96582/authuse
r.htm#1006671

Option 2: Use session context variables to identify the user that is using
the current connection. This assumes that the presentation layer knows the
identity of the user. If so, you can use the sys_context function to add an
attribute to the session identifying the "real" user. This attribute can
then be used in any function/procedure/package/trigger/sql to populate the
appropriate fields in the audit logs...
See
http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:616200296
2892 for more details...

Vlado Barun, M.Sc.
Senior Data Architect, Cadre5
www.cadre5.com
Office: 865 690 4442
Mobile: 865 335 7652
e-mail: vlado@xxxxxxxxxx
AIM: vbarun2
-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx]
On Behalf Of Rusnak, George A. (SEC-Lee) CTR
Sent: Monday, May 09, 2005 1:51 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: Auditing original user in an n-tier environment

GURUS,
Oracle EE: 9.2.0.5
Hardware: HP-UX

3 tier architecture: Presentation, Application and Database.
Language: Cold Fusion

Challenge: 
How do we capture the user logging into the Presentation layer and pass that
original user id through the Application layer to the database layer and be
able to capture that original user id in the audit logs. The Application
layer always connects to the database as the SAME user NOT as the original
user.  We need to know what code goes in what tier.
I have read and searched but cannot find a doc on how to do this. With all
the multi-tier architectures out there I was hoping to find a ton of
information on this subject.

THANK YOU,

Al Rusnak
* 804-734-8210
* george.rusnak@xxxxxxxx



--
//www.freelists.org/webpage/oracle-l



--
//www.freelists.org/webpage/oracle-l

• References:
  • Auditing original user in an n-tier environment
    • From: Rusnak, George A. (SEC-Lee) CTR

Other related posts:

• » Auditing original user in an n-tier environment
• » RE: Auditing original user in an n-tier environment
• » RE: Auditing original user in an n-tier environment
• » RE: Auditing original user in an n-tier environment
• » Re: Auditing original user in an n-tier environment
• » Re: Auditing original user in an n-tier environment
• » RE: Auditing original user in an n-tier environment
• » RE: Auditing original user in an n-tier environment
• » RE: Auditing original user in an n-tier environment
• » RE: Auditing original user in an n-tier environment
• » RE: Auditing original user in an n-tier environment
• » Re: Auditing original user in an n-tier environment

1. Home
2. oracle-l
3. Archive
4. 05-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---