Quickviewer and Proxy user

Similar Messages

• My problem in using weblogic Datasource and proxy user

  Hello
  I create a DataSource in Weblogic that connect to the database by a proxy user and I have a client application that use this DataSource and create a proxy session , I've written my client application (it's a stand alone client application) code below :
  public static void main(String [] args) {
  OracleConnection conn=null;
  javax.sql.DataSource ds=null;
  Hashtable env = new Hashtable();
  env.put( Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory" );
  env.put(Context.PROVIDER_URL, "t3://127.0.0.1:7001");
  try{
  Context context=new InitialContext( env );
  ds=(javax.sql.DataSource) context.lookup ("OracleConnection2");
  conn=(OracleConnection) ds.getConnection();
  java.util.Properties prop = new java.util.Properties();
  prop.put(OracleConnection.PROXY_USER_NAME, "web_user1");
  prop.put(OracleConnection.PROXY_USER_PASSWORD,"web_user1");
  conn.openProxySession(OracleConnection.PROXYTYPE_USER_NAME, prop);
  if (conn.isClosed()){
  System.out.println("Connection closed");
  return;
  testJDBC(conn,true);
  for(int k=0;k<10;k++){
  testJDBC(conn,false);
  conn.close(OracleConnection.PROXY_SESSION);
  conn.close();
  }catch(Exception ex){
  ex.printStackTrace();
  It works but my problem is that in line "prop.put(OracleConnection.PROXY_USER_PASSWORD,"web_user1")" or line "prop.put(OracleConnection.PROXY_USER_NAME, "web_user1");"
  Let me to mention a scenario :
  *1- I type a wrong username or password in my client application and I run the client application it shows me this error : invalid username/password*
  *this error is acceptable*
  *2- then I correct the wrong username or password immediately and run the application again , it shows me this error (at line conn.openProxySession(OracleConnection.PROXYTYPE_USER_NAME, prop)) :*
  java.sql.SQLException: Closed Connection
       at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
       at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:223)
       at weblogic.jdbc.rmi.internal.ConnectionImpl_weblogic_jdbc_wrapper_JTAConnection_weblogic_jdbc_wrapper_XAConnection_oracle_jdbc_driver_LogicalConnection_1032_WLStub.openProxySession(Unknown Source)
       at weblogic.jdbc.rmi.SerialConnection_weblogic_jdbc_rmi_internal_ConnectionImpl_weblogic_jdbc_wrapper_JTAConnection_weblogic_jdbc_wrapper_XAConnection_oracle_jdbc_driver_LogicalConnection_1032_WLStub.openProxySession(Unknown Source)
       at oracle.HRFacadeClient.main(HRFacadeClient.java:38)
  *3- I run the application again (by correct username and password) but this time it shows me this error :*
  java.sql.SQLException: Unsupported feature
       at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
       at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:223)
       at weblogic.jdbc.rmi.internal.ConnectionImpl_weblogic_jdbc_wrapper_JTAConnection_weblogic_jdbc_wrapper_XAConnection_oracle_jdbc_driver_LogicalConnection_1032_WLStub.openProxySession(Unknown Source)
       at weblogic.jdbc.rmi.SerialConnection_weblogic_jdbc_rmi_internal_ConnectionImpl_weblogic_jdbc_wrapper_JTAConnection_weblogic_jdbc_wrapper_XAConnection_oracle_jdbc_driver_LogicalConnection_1032_WLStub.openProxySession(Unknown Source)
       at oracle.HRFacadeClient.main(HRFacadeClient.java:38)
  *4 - if I repeat running the application for multi times every time it shows me the previous error*
  *5- I wait about one minute the problem solved and my application can create proxy session *
  the result is that if I wanna create proxy session by wrong username or password and I get "Invalid username/password" error message , then after correcting username or password I have to wait about one minute and then run the application again_
  Do you know how I can overcome this problem ?
  Thank you

  Hi Jamshid,
  There is same problem observed few days back with us, and we have used the below code, and it got solved. Actually there is a problem observed while using proxy connections on weblogic.
  if(conn instanceof weblogic.jdbc.extensions.WLConnection){
       weblogic.jdbc.extensions.WLConnection cn=(weblogic.jdbc.extensions.WLConnection)conn;
       cn.clearStatementCache();
  http://rocksolutions.wordpress.com/2010/06/04/connection-pool-issue-on-weblogic/
  Hope this helps.
  Thanks

• External and Proxy User

  Hi,
  I currently have 2 users: APP_USER and OPS$APP_USER (External). I have granted OPS$APP_USER to be able to proxy authenticate APP_USER.
  As it is now, my external user can connect to the database like so:
  sqlplus /And I can connect via proxy auth like so:
  sqlplus OPS$APP_USER[APP_USER]/mypassBut what I want is to be able to connect without specifying the username and password. Maybe something like this:
  sqlplus [APP_USER]/Of course that's just a sample and it doesn't work. Is there a way to do this?
  Thanks,
  Allen

  Robert Geier wrote:
  External authentication really should be avoided whenever possible due to the security risks. Depending on your client version you may want to read up on Wallets.
  Depending on exactly what you are trying to achieve, you may want to consider a logon trigger which does an "alter session set current_schema= ...)
  Edited by: Robert Geier on Dec 6, 2011 8:34 AMHi,
  I will only have one external user and it won't be over the network.
  I will be invoking external shell scripts which will include sqlplus connections on it. For security reasons, I don't want to pass the password as a parameter on the script so instead I would like to use external user to connect easily and securely. I referred to this link http://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:142212348066.
  For the proxy auth, I have the APP_USER user have all the objects instead of the external user but I wish to give it privilege to run as APP_USER.
  I will check on the LOGON TRIGGER.
  Thanks,
  Allen

• Weblogic & JNDI Data Source with proxy user.

  We're trying to use Oracle proxy user authentication on a data source configured in WebLogic 10.3.6, however, we want to approach it in a programatic way. So we want to obtain the DataSource, and set the proxy related properties inside the application.
  We came up with the following snippet:
  Hashtable<String, Object> env = new Hashtable<String, Object>();
  env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
  env.put(Context.PROVIDER_URL, "t3://10.1.1.10:7003");
  env.put(Context.SECURITY_PRINCIPAL, "weblogic");
  env.put(Context.SECURITY_CREDENTIALS, "weblogic");
  Context context = new InitialContext(env);
  javax.sql.DataSource ds = (javax.sql.DataSource) context.lookup("ds_puser");
  OracleConnection oconn = (OracleConnection) ds.getConnection();
  The problem comes up when we try to cast the connection to OracleConnection, the thing is that the returned type is actually a 1036_WLStub.
  How can we avoid that type or cast to it to something useful? I found this reference on Oracle forums and he's being able to cast it directly:
  Re: My problem in using weblogic Datasource and proxy user
  Can someone help us out?
  Thanks a lot in advance!
  Edited by: 990800 on 27-feb-2013 13:26

  A DataSource is an Interface. What the code gets from the jndi tree is some concrete object that
  the code doesn't need to know the name of, or anything specific about it, as long as it implements
  the DataSource Interface, which it successfully casts to, to allow calling the methods defined in the
  DataSource Interface. If you call for a plumber, you don't need to know his name as long as you
  can get a plumber, and can call the "Fix this leak" method, defined in the Plumber Interface.

• Different database connection or proxy user change

  Hi forms guys,
  in everyday life I am fulltime DBA, so please forgive my spare forms word pool.
  Our users open a forms application that displays a menu with forms applications the user has access to. Users can then click on the menu items and another form pops up. Now having reviewed the code, I can say that the opening of the new forms is done by calling the builtin OPEN_FORM. As parameter "SESSION_MODE" for this function, "SESSION" is supplied. If I understand correctly, this means that another session using THE SAME username/password/connectionstring is created (for the purpose of parallel transactions in parent and child form).
  At the moment each and every user (~400) has it's own database account which has roles (depending on the applications they are granted access to) assigned and also sometimes owns dblinks and synonyms. We want to get rid of them by storing the credentials in OID and just create ONE single application user for every application we host. This user shall contain all nescessary objects such as dblinks and private synonyms.
  The enduser then logs in using the proxy mechanism. For example if user XYZ (defined in OID) wants to start application ABC, then he/she connects like XYZ[ABC_APPUSER]/XYZPASSWD. This must occur when the form opens, directly after the OPEN_FORM call.
  Now my question: Is this possible somehow? Is there a way to have different database connections within a single forms window, if there are different forms? Or is it possible to make a switch to another proxy user within forms? e.g. JDBC has the ability to quickly switch to an other proxy user, without having to re-establish the whole session.
  All I have read so far tells me, that it is not possible. But I would really like to hear that acknowledged by experts. Also other, perhaps better ideas for our intention are welcome.
  Kindest regards
  Matschbirne

  Not really sure how to answer your question other than to say that from within your form's pl/sql you can connect and disconnect as often as you like programatically. However, you can only have one connection at a time (as far as I know). So if you connect as SCOTT and later want to do a login as FRED, you can do so, but SCOTT will no longer be connected.
  Forms does support using Oracle SSO, but for the most part cannot directly access OID. Also, the db login information needed by Forms (when using SSO) is stored in a RAD (Remote Access Descriptor) in OID. The RAD behavior is unique to Forms and Reports. For each SSO user there is a related RAD. At the moment, there is no provided way to have RAD groups (e.g. Admin, Sales, Guests, etc). So each user get their own RAD.
  If you are using Forms 11.1.x, Forms now supports db proxy users.
  More information about SSO and Proxy users with Forms can be found in the Forms Deployment Guide:
  http://docs.oracle.com/cd/E24269_01/doc.11120/e24477/sso.htm
  In the code, you can control the connection using the LOGON, LOGOUT, and LOGON_SCREEN built-ins. Refer to the Forms Builder online help for details on how to use these.

• Proxy User - Forms 11.1.2 and Oracle Database (version 10.1.0.5) ??

  Hi,
  we are migrating from Forms 6i to 11.1.2. Our database version is very old (Enterprise Edition, version 10.1.0.5) because this is the latest version of the DB that Forms 6i runs, and we will migrating to 11g in phases. So 6i and 11g will co-exists for a while (accesing the same DB).
  I am trying to use proxy users feature to login to database.
  So I did this:
  - I created a user PROXY_USR to be the proxy user:
  SQL> create user PROXY_USR identified by PROXY_PASW;*
  - I grant create session for the user:
  SQL> grant create session to PROXY_USR;*
  - I changed the application users (eg APPUSER01), to connect via proxy user:
  SQL> alter user APPUSER01 grant connect through PROXY_USR;*
  The comand in Forms module to login is:
  +LOGON('PROXY_USR[APPUSER01]','PROXY_PASW@DB01');+*
  The logon built is being performed and the connection being made, without erros.
  But when I verify in what user the application is logged on, the result is not
  what was expected:
  I did the follwing PL/SQL inside Form module:
  begin*
  select user into v_user_DB from dual;*
  MESSAGE('User Connected: '||v_user_DB,ACKNOWLEDGE);*
  exception*
  when others then*
  MESSAGE('ERR: '||SQLERRM,ACKNOWLEDGE);*
  end;*
  The result from this select, is PROXY_USR and not APPUSER01 (that would be the correct):
  *>>Result: "User Connected: PROXY_USR"*
  Some more commands that were also performed inside Forms module:
  begin+
  select sys_context('userenv','current_user') v_current_usr from dual+
  MESSAGE('Current User: '||v_current_usr,ACKNOWLEDGE);+
  exception+
  when others then+
  MESSAGE('ERR: '||SQLERRM,ACKNOWLEDGE);+
  *>>Result: "User Connected: PROXY_USR"*
  begin+
  select sys_context('userenv','proxy_user') v_proxy_user from dual;+
  MESSAGE('Current User: '||v_proxy_user,ACKNOWLEDGE);+
  exception+
  when others then+
  MESSAGE('ERR: '||SQLERRM,ACKNOWLEDGE);+
  *>>Result: "Proxy User: "*
  OBS: when a connect via SQL*Plus, in a 11g database (Express), and run the commands above, the results are OK. The
  APPUSER01 is returned.
  Any ideas ?? I will open a SR in Metalink, but I think they will first request a database upgrade,
  which is not feasible for us at the moment ...
  Thanks in Advance.
  Franco

  Unfortunately besides trying on a certified combination (maybe use the Developer Database VM and import the required schemas for trial) and going through the documentation at http://docs.oracle.com/cd/E24269_01/doc.11120/e24477/sso.htm I can't offer more. I don't have a 10gR1 database anymore and also I don't have OID to play with.
  cheers

• Proxy user and tracing?

  Is it possible to sql trace user sessions when proxy user is in use?
  I.e., how to identify what sql statements belong to a particular application user ?

  No, application user is scott.
  POOL USER = sapr3
  APPLICATION USER = scott
  Now, there could be possibly many application users all connecting through a pool user (sapr3).
  I know i can enable trace on the pool session, this trace is going to contain SQL of all apllication users which are connected through this physical pool session, but this is useless,
  I want to trace a particular application user.
  Auditing has something like this, but I am looking for similar with respect to tracing.
  Auditing Proxy Activities
  Actions taken by proxy connections can be audited with standard database auditing commands such as the following:
  AUDIT SELECT TABLE ON customers BY midtier ON BEHALF OF karen;
  AUDIT SELECT TABLE ON customers by acct_mgr ON BEHALF OF all;
  In either of these cases, the proxy information is included in the audit trail views.

• OSB db-adapter: how to pass a proxy user or something like this?

  Hello, on OSB with a Oracle db-adapter, I'd like to do some database updates. Usually the db-adapter is set up with a technical database user.
  But on database side, this way I don't know exactly which user has been updating my table because only the technical user will be inserted into "Created_by" Column
  (select USER from dual ==> technical user).
  Now I thougt about using Proxy Users. But there exists some other Problems:
  - every proxy user has to be initially created in the database
  - how can I pass proxy user and technical user from OSB to the database?
  (using JCA, JNDI and JDBC Data Sources)
  ... on JDBC datasources I can only specify hard coded userid/password (--> technical user)
  Any help would be appreciated. Maybe some good white papers or tutorial exists in the web, but I can't finde a good one.
  Thanks
  Best regards

  You can pass in the adapter header property "jca.db.ProxyUserName". That way you can specify a user for each invoke.
  I got confirmation that OSB supports setting these properties. The sample adapters-db-201-MovieImages on soasamples.samplecode.oracle.com > Adapters shows working with header properties but with Mediator.
  Thanks
  Steve

• Error when connect proxy user

  i using ODP.NET connect to oracle database with proxy user, when i connect with a password not correct then i can't again connect with password correct after.
  string[] cs = new string[2];
  cs[0] = "Data Source=orcl;User Id=user1;Password=pass1;"+
  "Proxy User Id=proxyuser;Proxy Password=pass;Pooling=true";
  cs[1] = "Data Source=orcl;User Id=user1;Password=pass2;"+
  "Proxy User Id=proxyuser;Proxy Password=pass;Pooling=true";
  using (OracleConnection oc = new OracleConnection(cs[0]))
  try
  oc.Open();
  catch (OracleException ex)
  oc.Close();
  using (OracleConnection oc = new OracleConnection(cs[1]))
  try
  oc.Open();
  catch (OracleException ex)
  oc.Close();
  using (OracleConnection oc = new OracleConnection(cs[0]))
  try
  oc.Open();
  catch (OracleException ex)
  oc.Close();
  Part 3: always wrong. it can't open
  Please help me.
  Message was edited by:
  bvnhan

  Hi,
  I tested the following and got the expected results (doenst connect). I'm using 10.2.0.2 ODP, and got the same behavior pointing to 9206 db and 10.2.0.2 db.
  I did a quick check and dont see any obvious related bug fixes in ODP, but if you're not using 10.2.0.2 ODP, you might want to try that.
  Here's exactly what I tested.
  Cheers
  Greg
  CODE
  ==========================
  drop user proxyacct cascade;
  drop user puser1 cascade;
  create user proxyacct identified by pass;
  create user puser1 identified by pass;
  grant connect, resource to proxyacct;
  grant create session to puser1;
  ALTER USER puser1 GRANT CONNECT THROUGH proxyacct AUTHENTICATED USING PASSWORD;
  using System;
  using System.Data;
  using Oracle.DataAccess.Client;
  public class testproxy
  public static void Main()
  string goodstring ="data source=orcl;user id=puser1;password=pass;proxy user id=proxyacct;proxy password=pass";
  string badstring = "data source=orcl;user id=puser1;password=;proxy user id=proxyacct;proxy password=pass";
  using (OracleConnection oc = new OracleConnection(goodstring))
  try
       oc.Open();
       Console.WriteLine("con1 connected");
  catch (OracleException ex)
       Console.WriteLine("exception caught1 " + ex.Message);
  using (OracleConnection oc = new OracleConnection(badstring))
  try
       oc.Open();
       Console.WriteLine("con2 connected");
  catch (OracleException ex)
       Console.WriteLine("exception caught2 " + ex.Message);
       // still need this to work around the problem
       // of next connection getting the same error this one did
       OracleConnection.ClearPool(oc);
  using (OracleConnection oc = new OracleConnection(goodstring))
  try
       oc.Open();
       Console.WriteLine("con3 connected");
  catch (OracleException ex)
       Console.WriteLine("exception caught3 " + ex.Message);
  MY OUTPUT
  ===============================
  con1 connected
  exception caught2 ORA-28183: proper authentication not provided by proxy
  con3 connected

• A network error when i tested the connection of a proxy user

  Good evening
  I 'd created a 3 appliances Filer system . Filer 1.1.0.653
  The Filr Apl is in DMZ and every ports are open between it and the 2 Windows boxes (AD and File Sharing)
  Every thing seems well. I could inport AD users, create filr users, and work ...
  But when i want to create a NetFolder server, impossible to pass the connection test
  Name : Cn=Administrateur, cn=Users,dc=arcdom,dc=arcane-inf,dc=com (Administrateur because i'm French :=)
  or
  Name : Administrateur
  or
  Name = arcdom\Administrateur
  Click on test connection => an network error occurs
  I'd try with a "Filr" ADuser with same ACL as Administrateur, same ...
  The Novell-FAMT is running. (I tried to restart it without succes)
  Help .......
  LP Irovetz

  Originally Posted by LPIROVETZ
  Good evening
  I 'd created a 3 appliances Filer system . Filer 1.1.0.653
  The Filr Apl is in DMZ and every ports are open between it and the 2 Windows boxes (AD and File Sharing)
  Every thing seems well. I could inport AD users, create filr users, and work ...
  But when i want to create a NetFolder server, impossible to pass the connection test
  Name : Cn=Administrateur, cn=Users,dc=arcdom,dc=arcane-inf,dc=com (Administrateur because i'm French :=)
  or
  Name : Administrateur
  or
  Name = arcdom\Administrateur
  Click on test connection => an network error occurs
  I'd try with a "Filr" ADuser with same ACL as Administrateur, same ...
  The Novell-FAMT is running. (I tried to restart it without succes)
  Help .......
  LP Irovetz
  From the docu:
  Click the Authentication tab, then specify the following information:
  Proxy name and password: Specify the fully qualified, comma-delimited name and password for the proxy user used to access the OES, NetWare or Windows, server. (You can use the Browse icon next to the Proxy field to browse the LDAP directory for the proxy user that you want to use.)
  IMPORTANT:Before you specify a proxy name and password for the Net Folder server, ensure that you review the information in Section 8.1.2, Planning the Net Folder Server Proxy User.
  Test connection: Click this button to ensure that the path is accurate and that the credentials are valid, then click OK after the test succeeds.
  Sometimes proxy users with the incorrect context pass this test. Ensure that the context for your proxy user is correct, as described in Expected Name Format for File Servers.
  Authentication type: Select the authentication service for the file server that you are connecting to. This option corresponds with the Server type setting that you selected on the Configuration tab. If you selected OES or NetWare as the server type, only Novell NMAS is available as the authentication type. If you selected Windows as the server type, you can select either Kerberos, NTLM, or Auto detect as the authentication type. (Auto detect means that it tries authenticating with Kerberos first, and if that fails, authenticates with NTLM.)
  NOTE:If Kerberos is selected as the authentication type, ensure that the DNS name server is able to resolve DNS queries for the Active Directory domains.
  If the Kerberos port (port 88) is disabled on the Windows server, select NTLM as the authentication type.
  So you should use comma delimited name for the username... Did you also try browsing for the user using the icon there?
  Does is log any specific error message in /opt/novell/filr/apache-tomcat/logs/appserver.log file when you try to test the connection?
  Thomas

• How to pass Proxy user dynamically in Toplink proxy authentication?

  Hi,
  I'm using Toplink Proxy Authentication with my ADF JSF application and want to pass the Proxy user dynamically to the preLogin(..) method of mySessionEventListener (Currently proxy user is hard coded).
  This is to make my application user as the Proxy user.
  I have tried to do this in two ways:
  1) In my Login screen Backing Bean, I retrieve the session as
  session = sessionFactory.acquireSession(); and set the application user in it as
  session.setProperty("proxyUser1", inputText1.getValue());
  But,
  session.getProperty("proxyUser1") returns null in the preLogin(..) method
  2) I add a loginUser property to the mySessionEventListener class and create a constructor to set it.
  Then I call the constructor from my Login Backing Bean as
  mySessionEventListener eventMgr = new mySessionEventListener(<proxy_user>);
  session.getEventManager().addListener( eventMgr );
  But, the loginUser property seeems to be transient and does not retain value when retrieved in preLogin(..) method.
  Please indicate if anything is wrong. Also, is there any other way to get this done?
  Thanks in advance.
  Vikas

  Hi Vikas,
  Probably your sessions.xml defines a ServerSession, and acquireSession method returns a ClientSession. ServerSession is the object that connects to the database, it may have any number of ClientSessions associated with it - all of them use connections provided by ServerSession's connection pools.
  So if you'd like to alter the serverSession before login, acquireSession is too late - it triggers login of the ServerSession and returns a ClientSession.
  To get the ServerSession before login:
  // the first param indicates that the session shouldn't be connected
  Session serverSession = sessionFactory.getSharedSession(false, false);Now you have a serverSession on which login hasn't been called yet.
  You can set the property into the session, or directly into its login.
  In fact you may choose to do whatever you wanted to do in preLogin right here - in this case no preLogin event would be required of course.
  Finally to get a ClientSession, call the same api did:
  // the first param indicates that the session shouldn't be connected
  Session clientSession = sessionFactory.getSession();On the first such call the ServerSession will be connected.
  Note that because all the ClientSessions will connect through the connections provided by the same ServerSession they will all use proxyUser1.
  If you are interested in using different proxy users for different ClientSessions http://www.oracle.com/technology/products/ias/toplink/doc/1013/main/_html/dblgcfg008.htm#BABDABCF lists several scenarios for that.
  Andrei

• ADF 11g - Proxy User

  Hi,
  We have configured our APP with a datasource but have a problem...
  A lot of our database packages / triggers make use of the explicit 'user' which means that although our app is authenticating
  as "tester" (against an LDAP V3 Repository - OID) , our triggers update with the underlying data source connection ('bto') rather than our authenticated user.
  In 10.1.3.3 we had to use a custom proxy authentication class, which only worked with 1 app deployed in a container and required JDBC credentials
  Does anyone know of any way to do this in 11g in a better fashion?
  Any help is appreciated
  Thanks

  In 10.1.3, the way to use a Database Proxy User was to override the prepareSession() method of your application module to do something like this:
    protected void prepareSession(Session session) {
      Statement st = null;
      try {
        st = getDBTransaction().createPreparedStatement("rollback",0);
        OracleConnection oConn = (OracleConnection)st.getConnection();
        Properties props = new Properties();
        props.put("PROXY_USER_NAME",   ___ActualUserName___  );
        oConn.openProxySession(OracleConnection.PROXYTYPE_USER_NAME,props);
      catch (SQLException s) {
        // ignore
      finally {
        if (st != null) {
          try {
            st.close();
          catch (SQLException s) { /* ignore */ }
      super.prepareSession(session);
    }

• Proxy users  - oracle 9.2  - accessing via sql plus

  I may be totally off track here, but here is what I want
  to do.
  I have 2 schema's (schema A and schema B).
  schema A has multiple objects (tables) within it.
  I want to allow another user, schema B to access these objects. Can I use the Proxy User settings to do this? By going in and allowing Schema B to proxy for this user (shcema a). "ALTER user schemaA GRANT CONNECT THROUGH schemaB"
  I try this and then go into sqlplus and log in as
  schemaB, but I can't see any of schemaA's objects.
  Am I missing somthing here?
  In the past I have always assigned the proper grants to a role and assinged them to schema B as needed which works fine. However, it seemed to me if the proxy user worked the way I thought it would you could do things for an entire schema at one time instead of object by object using the grants.
  Thanks
  John

  The command "oemapp.bat" does not yield any output at the command line. Here comes a session log:
  >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  D:\oracle\ora92\bin>oemapp.bat
  D:\oracle\ora92\bin>sqlplusw
  Zugriff verweigert (= access denied)
  D:\oracle\ora92\bin>dir oem*
  Volume in Laufwerk D: hat keine Bezeichnung.
  Volumeseriennummer: A0D5-BD0B
  Verzeichnis von D:\oracle\ora92\bin
  17.10.2006 11:15 4.971 oemapp.bat
  26.04.2002 16:29 24.848 oemautil.exe
  26.04.2002 16:29 20.752 oemevent.exe
  3 Datei(en), 50.571 Bytes
  0 Verzeichnis(se), 18.221.547.520 Bytes frei
  D:\oracle\ora92\bin>dir sqlplus*
  Volume in Laufwerk D: hat keine Bezeichnung.
  Volumeseriennummer: A0D5-BD0B
  Verzeichnis von D:\oracle\ora92\bin
  27.04.2002 00:07 459.024 sqlplus.exe
  26.04.2002 23:58 700.416 sqlplusw.exe
  2 Datei(en), 1.159.440 Bytes
  0 Verzeichnis(se), 18.221.547.520 Bytes frei
  <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
  I'm glad about your immediate response!
  Message was edited by:
  user542934

• Proxy User Authentication with SQL Developer

  Hello,
  I realized that there are 2 methods for configuring SQL Developer to user Proxy User Authentication.
  1) one-session method with Syntax:
  personaluser[appuser]
  2) two session-method with dialog "Proxy Connection"
  For me it is unclear, why anybody would want to use the two-session-method.
  a. you need username/password for both user acocunts (personaluser and appuser)
  b. it is unclear which operations in SQL Developer are using the personaluser account. It seems that the SQL Window is only using appuser account.
  What was the motivation to implement Two Session Method?
  Best regards,
  Martin

  I found the possibility that proxy authentication of both accounts can be enforced:
  SQL> alter user appuser grant connect through personaluser AUTHENTICATION REQUIRED;
  I guess that this is the motivation for implementing the 2-session proxy connection method in SQL Developer.
  Regards,
  Martin

• [OIM] Proxy User with groups

  Dear people,
  I have a scenario where there is a resource with an approval workflow, with 2 steps: in the first the Manager of the requester is the one who must approve. In the second step, a group is assigned as the one who has to make the approve.
  I give a proxy to the Manager and another proxy to one of the group members.
  When the workflow reaches the Manager approval step, it is automatically assigned to the proxy (what I expected).
  The problem arises when the workflow reaches the group approval step, the assignment is still made to the user that is member of the group, not to his proxy user. Is this an OIM limitation? Some workaround?
  Thanks!

  Hi,
  when we assign the task to a group then if the proxy user is the part of that particular group then he has that task automatically why to duplicate the task and if proxy user is not the memeber of the group then he is not authorize to have that task because he is not the member of that group. As user set him as proxy user for him not for group.
  I hope this answer your query....
  Regards
  Alabhya Goel