Enterprise User Security supports the authentication types listed in Table 1-3 for connections between clients, databases, and directories.
Table 1-3 Enterprise User Security: Supported Authentication Types for Connections between Clients, Databases, and Directories
| Connection | Supported Authentication Types |
|---|---|
|
Clients-to-Databases |
Passwords, SSL, and Kerberos |
|
Databases-to-Databases (Current User Database Links) |
SSL only |
|
Databases-to-Directories |
SSL and Passwords |
However, some combinations of authentication types for connections make more sense than others. For example, it is unusual to have a high level of security for client-database connections by using SSL for all user connections, but then configuring the database to authenticate to the directory by using passwords. Although this configuration is supported, it does not provide consistent security for connections. Ideally, the database-directory connection should be at least as secure as that between users and databases.