[SOLVED]Database connection
-
Hello guys! I've started developing my client application to Oracle database and found one problem. I'm going to use QOCI.
The problem is that I'm not sure about the way my password is sent to the server. Is it encrypted by default or is it sent just as a plain text?? If it is so, what should I do to organize a safe way of sending the password?
Thanks a lot!
-
Documentation says bq. "This function stores the password in plain text within Qt. Use the open() call that takes a password as parameter to avoid this behavior."
-
I've read this. But it doesnt' describe the behaviour of open(). Thanks.
The only idea to stay on the safe side is to provide ssl-connection, but it's better to avoid such a decision.
-
I see. But how does the driver send the password to Oracle server??? That's the most important moment. Is there any official information about this?
Thanks
-
[quote author="fairycorsair" date="1347535448"]I see. But how does the driver send the password to Oracle server??? That's the most important moment. Is there any official information about this?
Thanks[/quote]The Qt driver only forms a thin layer on top of the oracle driver. So, the Qt driver passes it to the oracle driver API, but what happens from there is a complete black box. Qt does not communicate directly with the oracle server, and so it has no influence on how that communication works or is encoded.
-
Well, thanks a lot. I suppose, this topic can be closed.
-
[quote author="fairycorsair" date="1347540069"]Well, thanks a lot. I suppose, this topic can be closed.[/quote]
Topics are not closed, unless they get out of hand in some way. If you want to mark the topic as [Solved], you can do so yourself by editing your first post in the topic.
-
Thank you. It's better to get some details in Oracle forum)
