Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Security for Table/Procedure

RE: Security for Table/Procedure

From: Mercadante, Thomas F <Thomas.Mercadante_at_Labor.State.Ny.Us>
Date: Tue, 05 Feb 2002 12:32:37 -0800
Message-ID: <F001.00406AA3.20020205123107@fatcity.com> 







<SPAN 



class=512052420-05022002>Laura,


<SPAN 



class=512052420-05022002> 


Have 


you looked at public synonyms for your stored procedures?  This will solve 
your problem of not being able to find the procedure.


<SPAN 



class=512052420-05022002> 


<SPAN 



class=512052420-05022002>Secondly, where are you creating the stored 
procedures?  I would create them in the same account as the tables, and 
grant execute access to whomever needs them.


<SPAN 



class=512052420-05022002> 


<SPAN 



class=512052420-05022002>Finally, you are correct in trying to resolve this now, 
before development gets too far along.  Write back to the list - we are all 
willing to help!


 


Hope 


this helps.


Tom Mercadante <FONT face=Arial 


size=2>Oracle Certified Professional 



  <FONT face=Tahoma 


  size=2>-----Original Message-----From: Burton, Laura L. 
  [mailto:BurtonL_at_prismplus.com]Sent: Tuesday, February 05, 2002 2:46 
  PMTo: Multiple recipients of list ORACLE-LSubject: 
  Security for Table/Procedure


  I know that you can grant access on a 
  table whether it be select, update, delete, etc, and I know that to keep from 
  granting access to a table you can use 
  procedures and grant execute rights to the procedure.  
  Our situation is that we want to use 


  procedures for security, but the procedures select data to populate a form and 
  then update if applicable<FONT 


  face=Arial size=2>.  We had talked about 
  granting select to the tables<FONT 


  face=Arial size=2> by using a role since anyone can view the data, and then 
  using procedures to update the tables.  The only problem is that if we 
  grant select to the tables and the application executes the procedure within 
  it, the 


  procedure will not<FONT face=Arial 


  size=2> be found and even the select will not 
  happen.


  Could some of you share how you handle 
  security?  Am I missing something with tables/procedures?  Any ideas 
  would be appreciated.  We are just 


  beginning development and need to <FONT 

  face=Arial size=2>have<FONT face=Arial 
  size=2> a handle on how we are going to do this<FONT face=Arial 
  size=2>.




  Thanks,


  <FONT face=Arial 


size=2>Laura
Received on Tue Feb 05 2002 - 14:32:37 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US