Table of Contents
Advertisement
Configuring Oracle Database for External Authentication
If REMOTE_OS_AUTHENT is set to FALSE, and the server cannot support any of
the authentication methods requested by the client, the authentication service
negotiation fails and the connection terminates.
If the parameter is set as follows in the
the database attempts to use the supplied user name and password to login the
user:
SQLNET.AUTHENTICATION_SERVICES=(NONE)
If REMOTE_OS_AUTHENT is set to FALSE, however, the connection fails.
Setting OS_AUTHENT_PREFIX to a Null Value
Authentication service-based user names can be long, and Oracle user names are
limited to 30 characters. Oracle Corporation strongly recommends that you enter a
null value for the OS_AUTHENT_PREFIX parameter in the initialization file used
for the database instance as follows:
OS_AUTHENT_PREFIX=""
To create a user, launch SQL*Plus and enter the following:
SQL> CREATE USER os_authent_prefix username IDENTIFIED EXTERNALLY;
When OS_AUTHENT_PREFIX is set to a null value (" "), enter the following to create
the user king:
SQL> CREATE USER king IDENTIFIED EXTERNALLY;
The advantage of creating a user in this way is that the administrator no longer
needs to maintain different user names for externally identified users. This is true
for all supported authentication methods.
9-6 Oracle Database Advanced Security Administrator's Guide
The default value for OS_AUTHENT_PREFIX is OPS$;
Note:
however, you can set it to any string.
If a database already has the OS_AUTHENT_PREFIX
Attention:
set to a value other than NULL (" "), do not change it, since it can
inhibit previously created, externally identified users from
connecting to the Oracle server.
file on either the client or server,
sqlnet.ora
Advertisement
Chapters
Table of Contents
Troubleshooting
Need help?
Do you have a question about the Oracle Database B10772-01 and is the answer not in the manual?