Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: how to prevent user access from outside of a third-party application

Re: how to prevent user access from outside of a third-party application

From: Fuad Arshad <fuadar_at_yahoo.com>
Date: Tue, 2 Nov 2004 13:48:48 -0800 (PST)
Message-ID: <20041102214848.34903.qmail@web80501.mail.yahoo.com>


idid sometihng like this to prevent access. can be refined as needed
this can be called forme a trigger.  

CREATE OR REPLACE procedure set_t_batch

AUTHID CURRENT_USER IS

v_sid v$session.sid%TYPE;

v_username v$session.USERNAME%TYPE;

v_osuser v$session.OSUSER%TYPE;

v_program v$session.PROGRAM%TYPE;

v_machine v$session.MACHINE%TYPE;

BEGIN select sid, username, osuser,program,machine

into v_sid, v_username, v_osuser ,v_program,v_machine

from v$session

where audsid = userenv('sessionid');

DBMS_OUTPUT.put_line (v_sid);

DBMS_OUTPUT.put_line (v_username);

DBMS_OUTPUT.put_line (v_osuser);

DBMS_OUTPUT.put_line (v_program);

IF (v_program like 'JDBC%')

THEN IF (v_username = 'ABC')

THEN dbms_session.set_role('RL_BATCH IDENTIFIED BY abc') ;

ELSE NULL; END IF; ELSE NULL; END IF; END set_t_batch;

Jeffrey Beckstrom <JBECKSTROM_at_gcrta.org> wrote: Since I can not disable a role through a logon database trigger, I am seeking help in how to prevent a user from updating tables outside of the third-party application. The user is granted a role which permits update. I can not password protect the role since it is used by the third party application. What are some options. Fine grained access control is not realistic since would have to set it up on every table in the system.

Jeffrey Beckstrom
Database Administrator
Greater Cleveland Regional Transit Authority 1240 W. 6th Street
Cleveland, Ohio 44113

--

http://www.freelists.org/webpage/oracle-l

--

http://www.freelists.org/webpage/oracle-l Received on Tue Nov 02 2004 - 15:44:35 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US