Re: ldap authentication

  • From: Jason Heinrich <jheinrich@xxxxxxxx>
  • To: <stellr@xxxxxxxxxx>, oracle-l <oracle-l@xxxxxxxxxxxxx>
  • Date: Fri, 26 Aug 2005 10:15:45 -0500

The article in question is talking about logging into an application
(especially an HTMLDB application), not logging into the database.  The
assumption is that the application is already connected/authenticated with
the database.  The only software requirement for the LDAP authentication
then is an Oracle database with the DBMS_LDAP package, which comes with
Standard edition.

I did something like this last month as a proof-of-concept for
authenticating against our Active Directory.  Basically it involves
connecting to AD as a read-only lookup user, retrieving the user's DN, then
attempting to reconnect to AD as that DN with the user-supplied password.
If the second connection worked, we return TRUE that they're authenticated.

Jason Heinrich
Oracle Database Administrator
Pensacola Christian College
(850) 478-8496 x2509

> From: Ray Stell <stellr@xxxxxxxxxx>
> Reply-To: <stellr@xxxxxxxxxx>
> Date: Fri, 26 Aug 2005 10:56:31 -0400
> To: oracle-l <oracle-l@xxxxxxxxxxxxx>
> Subject: ldap authentication
> In this howto:
> uthenticate.html
> there is a link for "software requirements" that goes
> to /dev/null.  Anybody know how this works, is advanced
> security product required?   I don't see how the
> standard shared secret/net8 encryption would work.
> ============================================================
> Ray Stell  stellr@xxxxxx  (540) 231-4109  Tempus fugit  28^D
> --


Other related posts: