I am not sure whether this is a blog post, an advertisement, or an abject plea.
But here goes….
Please stop sharing SYSTEM passwords!
Ahem.
Stop sharing @!*@!(%#!*#!&}#?!#$!?$!?$!? ANY @$)()!!(!)#! Oracle PASSWORDS!
Do I make myself clear?
Ahem. Ahem.
DBA’s, yes, I know I’ve been there and done that. I’ll talk with you about SYS and SYSTEM later. In the meantime, any schema needing access by multiple users does not ever again need to be shared by sharing passwords.
So say you’ve got a shared account with a name like, say TABLEOWNER. I suppose you’ll want to create some tables there, won’t you? Well, if you think I’m giving you the password you can forget it!
In fact, just to spite you I’ll use Ron Ben Natan’s “impossible password” trick. And no, you’re not getting any ANY. None.
Just log in as yourself as usual, except… after your username, add [TABLEOWNER] before your password. How did I do that? Proxy user.
ALTER USER TABLEOWNER GRANT CONNECT THROUGH you;
For all typical intents and purposes, your connection is as TABLEOWNER. Groovy, right? Now you might actually find this a little disturbing. Ah, now you’ve got it. But don’t worry, you have enough control and information if you need it. There’s a SYS_CONTEXT to show you who you REALLY are:
select USER, sys_context ('userenv', 'proxy_user') AS PROXY_USER FROM DUAL;
I am attaching a little demo script you can use as an initial experiment.
Best regards,
connect_through_proxy_demo.txt
Схема Цар