A relatively new feature, Proxy User Authentication allows you to connect using someone else’s credentials.
Or as Oracle-Base puts it:
Since Oracle 9i Release 2 it has been possible to create proxy users, allowing you to access a schema via a different username/password combination. This is done by using the GRANT CONNECT THROUGH clause on the destination user.
So I’m going to alter a user, SCOTT, to allow for this.
ALTER USER SCOTT GRANT CONNECT THROUGH HR;
Now, how do I tell SQL Developer to do this?
You can use the standard Oracle connect strings for proxy users, PROXY_USER[ME].
I’m SCOTT, but I want to login using HR’s stuff.
You an also use the Advanced connection properties button to explicitly setup the PROXY details.
What about that proxy password field?
Well, IF you had altered SCOTT this way, you’d need to also know their password as well.
ALTER USER scott GRANT CONNECT THROUGH hr AUTHENTICATED USING PASSWORD;
With this, you’re saying, ok, i’ll let you connect through HR, but I’m still gonna need SCOTT’s password too.
What’s that ‘Distinguished Name’ stuff?
Well, if you want to use a mid tier to authenticate your user, and you want to go through Oracle Internet Directory (OID), then you’re going to need to use the Distinguished Name (DN) information.
That’ll look something like this…
CREATE USER jeff IDENTIFIED GLOBALLY AS 'CN=jeff,OU=americas,O=oracle,L=redwoodshores,ST=ca,C=us'; ALTER USER jeff GRANT CONNECT THROUGH scott AUTHENTICATED USING DISTINGUISHED NAME;
I think it’s very handy that the Database Docs like to use my name for the example, but I really don’t know more here than what the Docs say – I have no experience here using this sort of authentication. But, this is where you’d go to set up your SQLDev connection once it’s going.