prevent a specific user from accessing database from sqlplus
Neo-bDec 17 2012 — edited Dec 18 2012Hello All,
I have a security requirement that one specific database user (APP_USER) should not be accessing the database by human, only the application can access the database using this user.
My issue that I am giving the password to the application user in order to set it in their configuration file and then connect to the database. So i cannot be sure that they will not use it to connect to the database using sqlplus/ toad ...
Is there any way to prevent a user (APP_USER) to login from sqlplus for ex?
I have any idea to create a stored procedure that runs every 1 minute for ex and select v$session where user='APPUSER' and program = 'sqlplus' and then if there any connected session to kill it.
Is there any way better?