The Syncsort™ Capacity Management Acquire for UNIX/Linux has been enhanced to be able to connect to Oracle through the Listener which means it can now access databases that are not local to where the Acquire is installed and is not subject to the drawbacks of the bequeath protocol. Acquire will still use the bequeath protocol by default for compatibility with previous use, or it can be configured to use the Listener.
Prior to this change, the local user running Acquire had to be defined to Oracle as an ops$ user, meaning that once the user had logged into the operating system, Oracle would not need to have a userid or password. This has caused issues for some customers.
Using the Oracle Listener means that a userid and password are required, so to be able to store and access that in a secure manner, Acquire can now work with Oracle’s own Secure External Password Store feature, supported from Oracle 10g release 2 onwards. This allows the Oracle DBA to set up secure access and allow Acquire to connect to Oracle by providing only a connection string, retrieving the credentials from an Oracle Wallet (see later for details).
This method ensures
-
The customer retains has full control of the credentials used to connect to a database
-
No clear-text userids or passwords are present anywhere when connected that other users could access
-
A standard Oracle facility is used to encrypt and access credentials, so questions about its strength to resist penetration attacks are not Precisely’s responsibility