1 person found this helpful
I believe the password is retained for the session, and that is the password that is used to make the connection. It is not dependent on retrieving the password or its hash from the dictionary. In fact, with situations like globally-identified users it would not be there anyway.
Thank you for replying. That sounds plausible.
Globally identified users (which would be a "current user" database link) are I think straightforward.
You could try a test like this:
- Create a user on both the local database and the remote database.
- Set the password on the local database to LOCAL_PW and on the remote to REMOTE_PW
- Create a database link to the remote database without credentials (the 'connected user' link)
- Connect to the local database as this test user.
- Query a table (like DUAL) on the remote database via the link. The connection will be unsuccessful.
ORA-01017: invalid username/password; logon denied
ORA-02063: preceding line from [remote database]
- Without disconnecting (but from a different session) change the user's password on the local database to REMOTE_PW. The passwords are now the same on both instances.
- Query a table (like DUAL) on the remote database via the link. The connection will again be unsuccessful. This demonstrates that the connection is not using the password from the local database's dictionary.
- On the remote database, change the user's password to LOCAL_PW. Note that the passwords no longer match.
- Query a table (like DUAL) on the remote database via the link. This time, the connection will be successful, because the credentials that created teh session can be successfully authenticated on the remote database.
Yes, password is retained in session (I am not sure, but I think that it's stored encrypted as Authentication Data in USERENV Context).