account locking is not feasible when uncer certain conditions (eg source ip address or timeslots of a day) the username would be allowed for login. you can simply add a line with raise_application_error(-2000,'sorry not allowed to login') in your logon trigger code . Andre 2009/6/25 Adam Musch <ahmusch@xxxxxxxxx> > One wonders why one doesn't simply lock the account. > > ALTER USER bad_user ACCOUNT LOCK; > > seems easier than writing a trigger. > > Similarly, you may wish to explore auditing and system/application contexts > so that you could audit who's trying this account. > > On Thu, Jun 25, 2009 at 9:25 AM, Andrew Kerber > <andrew.kerber@xxxxxxxxx>wrote: > >> yes, it is possible. It would be a system trigger. >> >> >> On Thu, Jun 25, 2009 at 9:15 AM, Dennis Williams < >> oracledba.williams@xxxxxxxxx> wrote: >> >>> List, >>> >>> To plug a security gap, I'm trying to create a trigger on a certain >>> username. If the trigger condition is met, the trigger would force a logout. >>> Is that possible? >>> >>> Thanks for any suggestions, >>> Dennis Williams >>> >> >> >> >> -- >> Andrew W. Kerber >> >> 'If at first you dont succeed, dont take up skydiving.' >> > > > > -- > Adam Musch > ahmusch@xxxxxxxxx >