10
Choosing and Combining Authentication Methods

This chapter describes how to use conventional user name/password authentication even if you have configured another authentication method. It also discusses how to configure your network to use one or more authentication methods in your network using the Oracle Advanced Security option and how to set up more than one authentication method on a client or on a server.

This chapter covers the following topics:

• Connecting with User Name and Password

• Configuring Oracle For Multiple Authentication Methods

Connecting with User Name and Password

To connect to an Oracle server using a user name and password when an Oracle Advanced Security option authentication method has been configured, disable the latter.

More Information: See "Disabling Oracle Advanced Security Authentication".

Using Net8 Assistant

This graphical interface tool makes it easy to set parameters in the sqlnet.ora file and other Oracle8i configuration files.

To launch Net8 Assistant:

• On UNIX, run the script netasst at $ORACLE_HOME/bin.

• On Windows platforms, click the Start button > Programs > Oracle for Windows NT--HOME_NAME > Net8 Assistant.

To begin configuring the Oracle Advanced Security option using Net8 Assistant:

In the Net8 Assistant's left pane, click the Profile folder. Then go to the drop down list box at the top of the right pane, and select Advanced Security Option. The tabbed pages for the Oracle Advanced Security option appear.

To save changes with Net8 Assistant:

Go to the menu bar and click File > Save Network Configuration.

Disabling Oracle Advanced Security Authentication

Do this either by using the Net8 Assistant, or by using any text editor to modify the file sqlnet.ora.

Figure 10-1 Using Net8 Assistant to Disable Authentication

Use the Net8 Assistant...	...or modify SQLNET.ORA
Refer to Figure 10-1. Click the Authentication tab. Select a method listed in the Selected Methods area, and transfer it to the Available Methods area by clicking the left arrow [<]. Repeat until all methods are removed from the Selected Methods area.	Set the following parameter as follows: SQLNET.AUTHENTICATION_SERVICES = (NONE)

A user can now connect to a database using the following user name/password format:

% sqlplus username/password@net_service_name

For example:

% sqlplus scott/tiger@emp

Configuring Oracle For Multiple Authentication Methods

Many networks use more than one authentication method on a single security server. For this reason, the Oracle Advanced Security option allows you to configure your network so that Oracle clients can use a specific authentication method and Oracle servers can accept any method specified.

This section describes how to set up Oracle servers and clients to use multiple authentication methods.

Set up multiple authentication methods on both client and server machines either by using the Net8 Assistant, or by using any text editor to modify the sqlnet.ora file.

The following instructions apply to both clients and servers.

Figure 10-2 Using Net8 Assistant to Configure Multiple Methods

Use the Net8 Assistant...

...or modify SQLNET.ORA

Refer to Figure 10-2. Select Authentication tab. Select a method listed in the Available Methods list. Click the right arrow button [>] to transfer the selected method to the Selected Methods list. Repeat until you have added all your required methods to the Selected Methods list. Arrange the authentication methods in the order of desired use by selecting a method and clicking either [Promote] or [Demote]. Authentication will occur starting with the first method listed at the top of the Selected Methods list.

Set the following parameter: SQLNET.AUTHENTICATION_SERVICES= (RADIUS | CYBERSAFE | KERBEROS | SECURID | IDENTIX) Enter the name of each authentication method until you have added all your required methods. Example: SQLNET.AUTHENTICATION_SERVICES =(SECURID,CYBERSAFE)

---