Oracle Database 12c supports proxy authentication to the Oracle
database. Proxy authentication is supported over thin and thick JDBC
connections and on the command line. Users can authenticate to the
database using their own credentials and then proxy to another user in
the database. Proxy authentication is particularly useful when
administrators need to connect to the application schema to perform
maintenance. Audit records generated during the connection include the
proxy user name, providing important information on the actual end user
who performed the maintenance activities. Note that the new Oracle
Database 12c Unified Audit can check whether the connection has been
established using a proxy and perform additional auditing. Please refer
to the Oracle documentation for additional details on configuring proxy
authentication with the Oracle database.
SYSTEM> grant create session to steve identified by steve_password;
SYSTEM> grant create session to sales_app_dba identified by sales_app_dba_password;
SYSTEM> alter user sales_app_dba grant connect through steve;
SYSTEM> connect steve[sales_app_dba]/steve_password;
SALES_APP_DBA>
通过使用proxy user可以有效地避免密码泄露问题