This content has been marked as final. Show 1 reply
The requirement is not sensible.
It is possible to implement a login trigger that checks to see either the name of the executable or some attribute that the executable sets in v$session (different versions of TOAD identify themselves differently). However, this does not add any meaningful security since you'd have to rely on information that the client is sending. It would be trivial for me to change the name of an executable on my system or modify some other executable to identify itself as TOAD.
Beyond that, why would you care what tool I use to access the database? What possible security benefit is there in knowing that I used TOAD to log in and do something rather than using SQL Developer to log in and do exactly the same thing?