Devart Forums

Hi !

I'm using ODAC and I decided to add PlugIn functionality to my program.
I followed your example of using ODAC in DLL and i found out that i can read current oracle user password from PlugIn. It is unacceptable for security reasons. Can you please help me to solve this problem.

Thanks !

There is no such feature in ODAC to create TOraSession object by session handle. You can use Proxy session feature to connect without password, but in any case password is located in the same adress space with your PlugIn and is passed in plain text to the OCI, so there is no big difficulties to intercept it. To protect your address space you need to use third-party products.