Does that user have DBA privs? Because if not, your logic is fine. Here's an example using a simple check for 'SCOTT'
SQL> CREATE OR REPLACE TRIGGER LOG_T_LOGON
2 AFTER LOGON ON DATABASE
3 DECLARE
4 osUser VARCHAR2(30);
5 machine VARCHAR2(100);
6 prog VARCHAR2(100);
7 ip_user VARCHAR2(15);
8 BEGIN
9 SELECT OSUSER, MACHINE, PROGRAM, ora_client_ip_address
10 INTO osUser, machine, prog, ip_user
11 FROM v$session
12 WHERE SID = SYS_CONTEXT('USERENV', 'SID');
13
14 IF user = 'SCOTT' THEN
15 RAISE_APPLICATION_ERROR(-20000,'Denied! You are not allowed to logon from host '||prog);
16 END IF;
17 END;
18 /
Trigger created.
SQL> conn scott/tiger
ERROR:
ORA-04088: error during execution of trigger 'SYS.LOG_T_LOGON'
ORA-00604: error occurred at recursive SQL level 1
ORA-20000: Denied! You are not allowed to logon from host sqlplus.exe
ORA-06512: at line 13
Warning: You are no longer connected to ORACLE.
SQL>