CONN / AS SYSDBA
CREATE USER user2 IDENTIFIED BY user2;
ALTER USER user1 GRANT CONNECT THROUGH user2;
We can now connect to the user1 user, using the credentials of the proxy user.
SQL> CONN user2[user1]/user2
SQL> SHOW USER
USER is “user1”
Proxy users can be identified using the PROXY_USERS view.
SELECT * FROM proxy_users;
PROXY CLIENT AUT FLAGS
—————————— —————————— — ———————————–
user2 user1 NO PROXY MAY ACTIVATE ALL CLIENT ROLES
The proxy authentication can be revoked using the following command.
ALTER USER user1 REVOKE CONNECT THROUGH user2;
Using the “CONNECT THROUGH” privilege, a granted user, can set up their privileged account to have connect through access to any other user.
Allowing the privileged user to perform tasks as that user, without having to alter the user’s password.