For the single sign-on approach to the database, which approach would you recommend in 19c?
As per the Oracle 19c documents for database authentication, Kerberos allows for single sign-on and it claims the following:
- "Least intrusive authentication mechanism for Active Directory integration"
- "ZERO changes to the Active Directory schema, no need for plugins installed in Active Directory"
As a result, it appears that Kerberos is the easiest to set up for single sign-on.
Kerberos provides,"Enterprise User Security" and "Centrally Managed Users"!