Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine
 
PerlMonks  

DBI Password connection to Oracle

by dougX (Initiate)
on Jun 28, 2005 at 17:07 UTC ( [id://470720]=perlquestion: print w/replies, xml ) Need Help??

dougX has asked for the wisdom of the Perl Monks concerning the following question:

Oh all ye monks can you come up with a viable solution?

I need to cconnect via some arbitrary machine known to my network either via cgi or back end perl scripts to a oracle DB. Further I need to:

  • NOT have a password that is not encrypted.
  • NOT rely on a password server.
  • Not be able to log into the machine and decrypt the password as a normal user.
  • Not be able to get the password into a variable in perl.
  • detetermine if I can connect as the user requested based on the local user and machine.

Tall order..., any ideas?

Much thanks
dn

Replies are listed 'Best First'.
Re: DBI Password connection to Oracle
by Transient (Hermit) on Jun 28, 2005 at 17:18 UTC
[reply]
      I do not know that your solution meets the Not be able to log into the machine and decrypt the password as a normal user. or Not be able to get the password into a variable in perl. requirements.


      -Waswas
[reply]
        Well, as far as the first one goes, it's impossible if the "normal user" is the same as "nobody" or whatever the CGI/Perl user is. If that user can't 'read' the password file, it's a lost cause, period.

        The second one has nothing to do with "identified externally". It should use the UNIX user id/password to validate the user (without the need to pass the actual password). This may or may not work across a network depending upon the flavor of *NIX and type of Oracle. However, remote login via ssh is available without passing a password using public/private key encryption, so I'd figure something similar would be possible here (although I'm not 100% on that).
[reply]
Re: DBI Password connection to Oracle
by waswas-fng (Curate) on Jun 28, 2005 at 17:30 UTC
    The the only thing I can think of that meets all of these requirements is to do some type of service on the network that fetches data from oracle and sends back the data to the machines script. This should be relativity easy to do with SOAP::Lite client/server and some server side DBI/exported subs that return data structures after doing the update/selects. You can have the server side soap do whatever (sounds like very limited) auth from your requirements. The server side soap can be wide open or locked down to IP's etc via apache or your cgi.

    Could you provide more detail into what you actually are trying to do here? This solution may be way off base depending on the actual need (besides the list of non-auth requirements above).


    -Waswas
[reply]

Back to Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: perlquestion [id://470720]
Approved by kaif
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others browsing the Monastery: (5)
As of 2024-04-24 12:30 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found