Now I'm not sure, but I beleave the account used as login to oracle is the one which runs the service not the one which has called the service.
You should look into impersonation
http://msdn.microsoft.com/en-us/library/ms730088.aspx[
^]
So in you WCF method do something like the below (taken from the site I linked):
WindowsIdentity callerWindowsIdentity = ServiceSecurityContext.Current.WindowsIdentity;
if (callerWindowsIdentity == null)
{
throw new InvalidOperationException("The caller cannot be mapped to a WindowsIdentity");
}
using (callerWindowsIdentity.Impersonate())
{
}