SSO with Active-Directory and Oracle on C# (VS 2010)

Question

Here is what we have :

• An Oracle database driven software which requires users authentication to start the application.
• An Active-Directory controller with which users authenticate to log on a session
• Oracle 10, Windows Server 2008, Windows 7 WS, C# (2010), DevExpress, old VB6 Framework

Here is what we'd like to do:

• Use the MS credentials to authenticate users skipping login in our application
• Map users' authentication informations (with A-D) to an Oracle privileges table
• Remove the login box unless the user has not enough privileges to use the app

Any clue, book reference, tutorial, guide, howto, sample, documentation will be MUCH appreciated!

Answer 1

Reading your Question, I was delighted to see you were in the same box as I was.

We, have an Oracle 9i driven application. I read with much interest that of Oracle 10g having AD functionalities, but regrettably we could not have our hands on it, but nevertheless be happy of what we have.

In this context, there is nothing but designing your own solution. For that, we have converted our Oracle username to AD equivalent username. Our idea was for each user session, the application checks whether the user is already authenticated with AD, if then we will create a session by applying a new application generated password to the AD authenticated user and then to connect to the Oracle DB using it. The Password generated is not known to the user or neither anybody planning that it will be in encrypted form. For each session, the password is generated and applied to the user.

There were drawbacks like overhead of changing password regularly but we could not find a better solution, If you have pls. share with us for the benefit of the community.