Discussions
Categories
- 385K All Categories
- 2.5K Data
- 580 Big Data Appliance
- 2K Data Science
- 452K Databases
- 222.3K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 32 Multilingual Engine
- 575 MySQL Community Space
- 479 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3.1K ORDS, SODA & JSON in the Database
- 575 SQLcl
- 4K SQL Developer Data Modeler
- 187.7K SQL & PL/SQL
- 21.5K SQL Developer
- 11 Data Integration
- 11 GoldenGate
- 297.6K Development
- 3 Application Development
- 18 Developer Projects
- 140 Programming Languages
- 294.3K Development Tools
- 118 DevOps
- 3.1K QA/Testing
- 646.4K Java
- 30 Java Learning Subscription
- 37K Database Connectivity
- 185 Java Community Process
- 107 Java 25
- 22.1K Java APIs
- 138.3K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 21 Java Essentials
- 172 Java 8 Questions
- 86K Java Programming
- 82 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 206 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 579 LiveLabs
- 41 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.7K Other Languages
- 2.3K Chinese
- 191 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 240 Portuguese
Proxy Authentication with Oracle Users
Is it possible to use the node-oracledb in a Middle Tier for Proxy Authentication with Enterprise Users (or if not are there plans to enhance it so it can be)? Reading the security guide here https://docs.oracle.com/cd/B19306_01/network.102/b14266/apdvprxy.htm#i1007059
it discusses Using Proxy Authentication with Oracle Users where the user is identified by doing a OCI_ATTR_SET with an attrtype of OCI_ATTR_DISTINGUISHED_NAME and the distinguished name of the user which I assume you can extract from the X.509 certificate. (Alternatively the X.509 certificate itself, but it says that is to be desupported.) Looking through the C++ code for the driver and I can't find OCI_ATTR_DISTINGUISHED_NAME ever being used so I'm guessing this isn't supported yet. Is that correct?
Answers
-
You can currently use proxy logons like {user: "user1[user2]", password: "user1password", ...}. You can also set the client id (https://github.com/oracle/node-oracledb/blob/master/doc/api.md#endtoend).
Are you trying to use node-oracledb in an existing environment - can you describe the set up?
-
Sorry for late delay. It's a setup that uses authentication with Active Directory and Kerberos.