RE: Disconnecting session from an on logon trigger
- From: <Jay.Miller@xxxxxxxxxxxxxxxx>
- To: <oracle-l@xxxxxxxxxxxx>, <oracle-l@xxxxxxxxxxxxx>
- Date: Tue, 16 Oct 2007 11:20:11 -0400
Hmm, this is a problem. If possible I'd also like to prevent SYSTEM
from connecting if it comes from that particular module. I suppose I
could revoke administer database trigger from the DBA role.
Anyone have opinions on the ramifications of doing so?
Jay Miller
Sr. Oracle DBA
201.369.8355
-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Ted Coyle
Sent: Tuesday, October 16, 2007 9:22 AM
To: alberto.dellera@xxxxxxxxx; oracle-l@xxxxxxxxxxxxx
Subject: RE: Disconnecting session from an on logon trigger
The exception method is great, but only if the user does not have
ADMINISTER DATABASE TRIGGER granted somewhere like IMPORT FULL DATABASE.
-- Ted
-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx]
On Behalf Of Alberto Dell'Era
Sent: Monday, October 15, 2007 3:59 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: Re: Disconnecting session from an on logon trigger
> I'd like to create an on logon trigger that will prevent the user from
> connecting in certain circumstances. I have one way of doing it which
would
> be to issue
> execute immediate ' alter system kill session 'session_id', 'serial#''
Just raise an exception from the logon trigger
raise_application_error (-20001, 'logon denied because ...'); so your
bad user will also have a nice error which clearly states the reason why
the logon was denied - which is very nice.
--
Alberto Dell'Era
"the more you know, the faster you go"
--
//www.freelists.org/webpage/oracle-l
--
//www.freelists.org/webpage/oracle-l
--
//www.freelists.org/webpage/oracle-l
Other related posts:
