Re: Trigger force a logout?
- From: Andre van Winssen <dreveewee@xxxxxxxxx>
- To: ahmusch@xxxxxxxxx, oracledba.williams@xxxxxxxxx
- Date: Thu, 25 Jun 2009 16:35:30 +0200
account locking is not feasible when uncer certain conditions (eg source ip
address or timeslots of a day) the username would be allowed for login.
you can simply add a line with
raise_application_error(-2000,'sorry not allowed to login')
in your logon trigger code .
Andre
2009/6/25 Adam Musch <ahmusch@xxxxxxxxx>
> One wonders why one doesn't simply lock the account.
>
> ALTER USER bad_user ACCOUNT LOCK;
>
> seems easier than writing a trigger.
>
> Similarly, you may wish to explore auditing and system/application contexts
> so that you could audit who's trying this account.
>
> On Thu, Jun 25, 2009 at 9:25 AM, Andrew Kerber
> <andrew.kerber@xxxxxxxxx>wrote:
>
>> yes, it is possible. It would be a system trigger.
>>
>>
>> On Thu, Jun 25, 2009 at 9:15 AM, Dennis Williams <
>> oracledba.williams@xxxxxxxxx> wrote:
>>
>>> List,
>>>
>>> To plug a security gap, I'm trying to create a trigger on a certain
>>> username. If the trigger condition is met, the trigger would force a logout.
>>> Is that possible?
>>>
>>> Thanks for any suggestions,
>>> Dennis Williams
>>>
>>
>>
>>
>> --
>> Andrew W. Kerber
>>
>> 'If at first you dont succeed, dont take up skydiving.'
>>
>
>
>
> --
> Adam Musch
> ahmusch@xxxxxxxxx
>
Other related posts:
