Trusted Signon with a Twist

[jwellsnh]

Looking for a response from those that can be open-minded on the topic of trusted signon. My shop is an Oracle shop and would like to implement the following scenario. Responses that "it can't be done" will be accepted provided that you can state why.

Scenario:
A directory service will Authenticate a user with a userid and password. Access Manager will then pass to Oracle only the userid. In this case, Oracle will then trust Cognos to have provided an authenticated or trusted account.

Will it work with Cognos in the mix is the question? Does it work without Cognos, yes. We use it all the time to run batch type jobs for our data warehouse. UNIX authenticates a user and Oralce then trusts that userid and then provides what priviledges it has rights to.

I look forward to your repsonsed. If anyone wants to discuss by phone, pleas contact me at 603 271-0980.

 

[Draoued]

I don't know what you mean by with a Twist.

I assum that you have Access Manager installed with your Cognos environment.
Why don't you create a database Signon ( userid/password) and associate your cognos user to it.
Then when you go to Oracle your Oracle user-id is already known.
That s working fine with Cognos Query and IWR.

But if you want to do it with another tool , like Oracle WebForm I don't know how you can pass the Cognos Signon to Oracle applications.

 

[jwellsnh]

The twist is that a database password is not present at the Cognos/Directory level and is esstentially unknown to those parties. What this accomplishes is that data cosumers can only access our Oracle data via Cognos and by no other means, i.e. ODBC, SQL PLus, TOAD, etc because they will not know there Oracle password.

Your response explained on how you have implemented via Cognos, what I'm looking for is not other methods but a discussion on whether Cognos can function in the scenario presented.

Again I look forward to those that explain to me why Cognos cannot be establish in this manor.