Using the Network to Authenticate Users
If network authentication services are available to you, then Oracle Database can accept authentication from the network service. If you use a network authentication service, then some special considerations arise for network roles and database links. Note: To use a network authentication service with Oracle Database,
you need Oracle Database Enterprise Edition with the Oracle Database Advanced Security option. See Also: Oracle Database Advanced Security Administrator's Guide for information about Oracle Enterprise Edition with the Oracle Database Advanced Security option
Authenticating Using Kerberos Kerberos is a trusted third-party authentication system that relies on shared secrets. It presumes that the third party is secure, and provides single sign-on capabilities, centralized password storage, database link authentication, and enhanced PC security. It does this through a Kerberos authentication server, or through Cybersafe Active Trust, a commercial Kerberos-based authentication server. See Also: Oracle Database Advanced Security Administrator's Guide for more information about Kerberos
Authenticating Using RADIUS Oracle Database supports remote authentication of users through the Remote Authentication Dial-In User Service (RADIUS), a standard lightweight protocol used for user authentication, authorization, and accounting. For information about how to configure RADIUS, see Oracle Database Advanced Security Administrator's Guide. Authenticating Using Directory-Based Services Using a central directory can make authentication and its administration efficient. Directory-based services include the following: â–
Oracle Internet Directory, which uses the Lightweight Directory Access Protocol (LDAP), uses a central repository to store and manage information about users (called enterprise users) whose accounts were created in a distributed environment. Although database users must be created (with passwords) in each database that they need to access, enterprise user information is accessible centrally in the Oracle Internet Directory. You can also integrate this directory with Microsoft Active Directory and SunOne. For more information about Oracle Internet Directory, see Oracle Internet Directory Administrator's Guide.
â–
Oracle Enterprise Security Manager lets you store and retrieve roles from Oracle Internet Directory, which provides centralized privilege management to make administration easier and increase security levels. For more information about Oracle Enterprise Security Manager, see Oracle Enterprise Manager Advanced Configuration.
Authenticating Using Public Key Infrastructure Authentication systems based on public key infrastructure (PKI) issue digital certificates to user clients, which use them to authenticate directly to servers in the enterprise without directly involving an authentication server. Oracle Database
Configuring Authentication 3-23