1 Reply Latest reply: Feb 28, 2013 10:44 AM by JustinCave RSS

    Controlling applications over the database

      Hi Experts,

      Could someone guide me a feature to implement the following requirements in oracle database on Solaris server.

      The database should not allow a connection to applications ( sql developer, other vendor applications ) other than "Toad"

      Thanks and Regards,
      Sakthivel Gopal
        • 1. Re: Controlling applications over the database
          The requirement is not sensible.

          It is possible to implement a login trigger that checks to see either the name of the executable or some attribute that the executable sets in v$session (different versions of TOAD identify themselves differently). However, this does not add any meaningful security since you'd have to rely on information that the client is sending. It would be trivial for me to change the name of an executable on my system or modify some other executable to identify itself as TOAD.

          Beyond that, why would you care what tool I use to access the database? What possible security benefit is there in knowing that I used TOAD to log in and do something rather than using SQL Developer to log in and do exactly the same thing?