retrieving client hostname via application server

Tom Kyte

Thanks for the question, Mohammed.

Asked: August 20, 2007 - 9:04 am UTC

Last updated: August 27, 2007 - 4:19 pm UTC

Version: 10.1.2

Viewed 1000+ times

You Asked

Dear Tom ;

This is my first time on your site. I want to know the machine name or IP address of the client side whether he fails to log in or succeeds. I set audit_trail to DB; the end user connects via Oracle Application Server (3-tier),

db username =scott
user hostname =host01
os_username =user01
application server=app01
oracle owner =oracle

and I have the following:

SQL> select username, userhost, os_username from dba_audit_session;

username   userhost   os_username
--------   --------   -----------
scott      host01     user01       ===> connect via SQL*PLUS
scott      app01      oracle       ===> connect via OAS

So as you see, I get the oracle owner and the application server name when I log in from Oracle Application Server, which I don't want to see.

Whereas all the information is clear to see when you log in directly to the database, such as with SQL*PLUS.

Is there any way to know the machine name of a client who connects via the application server, whether he fails or succeeds to log in?

How can we take advantage of webutil to audit failed logins through Oracle Application Server, either by using the audit trail or logon triggers?

and Tom said...

the client in this case IS the application server.

the client using the browser doesn't have a bit of Oracle code installed at all - they are not visible to the database even a tiny bit.

An application server isn't anything "special", just another piece of software, to the database it is of course the only client.

for example, I use my palm pilot (palm treo) to connect to websites, the concept of an "OS user" is sort of foreign in that case.

The application server application would have to audit this information - especially for a failed logon attempt - since they are the ONLY ones on the planet that know that a browser (and who is running that browser - they MIGHT know that but that is trivial to spoof - very very trivial to spoof it all and proxy servers and stuff just make it even "less easy" for you) was being used in the first place.


Comments

auditing failed login via application server

Mohammed Kafaween, August 22, 2007 - 2:27 am UTC

Hi Tom;

Thank you very much for your response. I believe that ORACLE can do many things to make my site secure ...
And now, I hope that you can guide me to audit clients via the application server (Enterprise Manager), as you said "The application server application would have to audit this information", so please help because it is one of the main issues I am working on NOW.

Best regards

How to trace the locked users

Kafaween, August 26, 2007 - 10:28 am UTC

Dear Tom ;

I know that I disturb you, but there is one of my end users who connects to the application server with his friend's username - with the wrong password - and he has locked the username several times. I need to know who he is; give me any suggestion to find out.

Tom Kyte
August 27, 2007 - 4:19 pm UTC

go to your application programmers and ask them "hey, where do you guys audit failed attempts to?"
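
An added illustration of the point made in the answer and the last reply (not code from this thread or from Oracle): the application tier writes its own record of every login attempt, failures included, and that record is what answers the locked-account question. All function and field names are hypothetical and the addresses are constructed; the forwarded-for header is stored only as an unverified claim because, as the answer notes, it is trivial to spoof.

```python
import json
from collections import Counter
from datetime import datetime, timezone


def audit_login(log, username, success, peer_addr, headers, when=None):
    """Append one audit record for a login attempt seen by the app tier."""
    record = {
        "ts": (when or datetime.now(timezone.utc)).isoformat(),
        "username": username,
        "outcome": "success" if success else "failure",
        # Address of the TCP peer: the browser, or the nearest proxy.
        "peer_addr": peer_addr,
        # Client-supplied and easily forged: kept as claims, never as proof.
        "claimed_forwarded_for": headers.get("X-Forwarded-For"),
        "claimed_user_agent": headers.get("User-Agent"),
    }
    # A list stands in for an append-only audit store in this sketch.
    log.append(json.dumps(record, sort_keys=True))
    return record


def failed_sources(log, username):
    """Count failed attempts against one account, grouped by peer address."""
    counts = Counter()
    for line in log:
        rec = json.loads(line)
        if rec["username"] == username and rec["outcome"] == "failure":
            counts[rec["peer_addr"]] += 1
    return counts.most_common()


def demo():
    """Constructed sample: repeated wrong passwords against 'scott'."""
    log = []
    for _ in range(3):
        audit_login(log, "scott", False, "192.0.2.10", {"User-Agent": "browser"})
    # Same account, different peer, with a forged forwarding header.
    audit_login(log, "scott", False, "192.0.2.77",
                {"X-Forwarded-For": "192.0.2.10"})
    # Records that must not be counted: a success and another account.
    audit_login(log, "scott", True, "192.0.2.20", {})
    audit_login(log, "adams", False, "192.0.2.10", {})
    return failed_sources(log, "scott")


if __name__ == "__main__":
    print(demo())
```

Grouping is done on the peer address the server itself observed; the claimed header is retained for investigators but does not change which source a failure is attributed to.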
