Devart Forums

Discussion forums for open issues and questions concerning database tools, data access components and developer tools from Devart
https://forums.devart.com/

Stored procs vs. direct SQL, password confidentiality

https://forums.devart.com/viewtopic.php?f=1&t=7316

Page 1 of 1

Stored procs vs. direct SQL, password confidentiality

Posted: Thu 07 Sep 2006 09:28
by labate
Hi,

Do you see any argument in favor or against usage of a stored procedure vs. direct SQL in code with CoreLab library?

Performance?
Database user confidentiality (db user is only authorized to call stored procs, etc.) ?

My boss is very paranoiac about db user password confidentiality. Has someone already implemented a way to have the username/pwd fields encrypted in an external config file and decrypted in code to be used to connect to a DB?

Thanks.
Adriano Labate

Posted: Thu 07 Sep 2006 10:46
by Alexey
Regarding database user confidentiality we cannot give you any advices. Please refer to Oracle server documentation.
Regarding performance, OraDirect works quickly with both stored procedures and direct SQL statements.
Password to be tranferred to ConnectionString one may take anywhere he/she wants.
We do not support this possibility because of great number of the different methods of storage.
Password is transmitted via network in the encrypted state. Oracle takes care about this itself.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/