This feature is described briefly in the getting to know Oracle8i guide
as follows:
Multi-Tier Authentication and Authorization
Oracle8i also offers security to multi-tier architectures. In some systems, the middle
tier is super-privileged to perform any action on behalf of any user, and the identity
of the real client is not preserved through the middle tier. Middle tiers, especially
Web servers or application servers, often sit on or outside a firewall, so limiting
their access and auditing their actions is especially important.
Oracle8i provides the ability to preserve the real client identity through the middle
tier and limit the users on whose behalf a middle tier can connect. The server can
also audit actions taken by the middle tier on behalf of a particular user.
To support this feature, syntax changes have been made to the ALTER USER and
AUDIT statement. For more information, see Oracle8i SQL Reference.
Unfortunately -- that is about the extent of the documentation available
for this feature as of the 8.1.5 release (to be corrected with the 8.1.6
documentation). In light of this, we've made available the attached
white paper which describes this feature in some more depth and offers
an OCI example of how to make use of this feature.
This paper was developed by