RE: way to grant schema privilege
Date: Tue, 29 Sep 2009 11:54:12 -0400
Sorry, Nuno, but that is incorrect. Please see http://www.it-eye.nl/weblog/2005/09/12/oracle-proxy-users-by-example/
Senior Oracle DBA/NA Team Lead
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Nuno Souto Sent: Monday, September 28, 2009 11:57 PM Cc: Oracle L
Subject: Re: way to grant schema privilege
Not directly, no. Even through proxies, you still need to grant access
objects via a role and then the role to a logon, be that a proxy or for example,
any logon that does a "ALTER SESSION SET CURRENT_SCHEMA=<schema>". In other words: the proxy user is not a replacement for granted privileges, it
Your choice if you use a proxy logon - relevant for three-tier access - or
something like a login trigger setting current_schema. Then a role is granted to
that logon. The role defines the access privileges, not the user logon. You
cannot grant an entire schema to a role, it has to be object by object.
-- Cheers Nuno Souto in sunny Sydney, Australia dbvision_at_iinet.net.au dba1 mcc wrote,on my timestamp of 29/09/2009 4:07 AM:Received on Tue Sep 29 2009 - 10:54:12 CDT
> On ORACLE 10GR2 and 11G is it possible grant access privileges on
schema level NOT table/view level.
> for example, I want grant 'select, update, delete" on one schema (all
object under that schema) to another person. Is it possible?
-- http://www.freelists.org/webpage/oracle-l -- http://www.freelists.org/webpage/oracle-l