Path: utzoo!attcan!uunet!cs.utexas.edu!sun-barr!lll-winken!unixhub!slacvm!ian
From: IAN@SLACVM.SLAC.STANFORD.EDU
Newsgroups: comp.databases
Subject: Re: Using auto-login feature of Oracle
Message-ID: <90346.150757IAN@SLACVM.SLAC.STANFORD.EDU>
Date: 12 Dec 90 23:07:57 GMT
References: <911@attc.UUCP>
Organization: Stanford Linear Accelerator Center
Lines: 99

How to log on to an ops$ account on a remote machine?  The following requires
an interactive session, but only one program is needed and passwords are not
embedded in the source.  The user is required to know their ops$userid
password on the remote machine.  What follows is a program fragment of a
Pro*C program which logs on to a remote database.

#include <stdio.h>
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
#define IBMC

EXEC SQL BEGIN DECLARE SECTION;
VARCHAR uid??(20??);
                                       /* username                            */
VARCHAR pwd??(20??);
                                       /* password                            */
VARCHAR constr??(20??);                /* connect string */
long    tcode;                         /* temp error code holder */
EXEC SQL END DECLARE SECTION;
EXEC SQL INCLUDE SQLCA;

main()
{
        /* set up arrays to hold strings */
       char usernm[20],usernm2[20] ,pword[20];

   /* place ops$ in usernm
       strcpy(usernm,"OPS$");

      /* get the system login user id of the person, prompt for their
       ops$password on the remote machine, do not echo the keystrokes
       to the console  place the user id and the password on the stack
    */
      system("EXEC COVPASS");

      /*read the stack into the values */
      gets(usernm2);
      gets(pword);

      /* concatenate the userid to ops$ */
      strcat(usernm,usernm2);

       /* load  CONNECT USERID AND USING VALUES
   strcpy(uid.arr,usernm);
   uid.len = strlen(uid.arr);
   strcpy(pwd.arr,pword);
   pwd.len = strlen(pwd.arr);
   strcpy(constr.arr,"T:xxx.xx.xx.xx:");
   constr.len = strlen(constr.arr);

   /* CONNECT TO THE DATABASE */
   EXEC SQL WHENEVER SQLERROR GOTO errexit;
   EXEC SQL CONNECT :uid IDENTIFIED BY :pwd USING :constr;

the above fragment will not run on its own but can me merged into a Pro*C
program.

My local machine is a 3090 runnig VM/CMS and the remote is a Microvax
running VMS.  The program is written in c370, and takes advantage of some
CMS features through a system call to a rexx exec.

for those with rexx the exec is


/* hiding passwords in 3gl */
    /*get system userid */
 logon = xname(userid)

 /* place on stack */
 push logon

 /* get ops$ password on remote machine */

 hidepass = "DOCONS"('INHIBIT','PASSWORD')

 /* place on stack */
 queue hidepass

/* return to C program
exit

NB  DOCONS  is a Rexx library function, I'm not sure if its available
everywhere, we got it from CERN.  It prompts for input and does not echo
the response.

Although, this example is VM based the same strategy can be used on other
systems.  The strategy being
             get the system login id
             concatenate that with ops$
             prompt for the ops$username password on the foreign machine
             turn off keyboard echoing
place in appropriate strings, and use them to perform the login

Ian MacGregor [Stanford Linear Accelerator Center]
               The above opinions are mine, and are not necessarily
               those of the United States Department of Energy
               nor Stanford University.  They are not to be used for
               promotional nor advertising purposes