Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Re: Using Roles for Security?
In article <6sk9vb$44d$1_at_tholian.cse.psu.edu>,
groenvel_at_cse.psu.edu (John D Groenveld) wrote:
> Why grant and revoke the role from the user? Why not just grant the role
> and SET ROLE foobar in the app?
> John
> groenveld_at_acm.org
>
John,
Good call! I was wondering why it did not appear that you could enable a role
in the same session. I just didn't find the SET ROLE command in the
docs-digging I did earlier. So now, the role is always granted to the user in
question, however is disabled using SET ROLE ALL EXCEPT <ROLE_IN_QUESTION>.
When the user logs in, an embedded SQL statement executes the statement SET ROLE <ROLE_IN_QUESTION>. The role is enabled. When the user logs out, the embedded SQL statement executes SET ROLE ALL EXCEPT <ROLE_IN_QUESTION>, which disables the role and disallows database access.
That's just a bit nicer than how I was approaching it!
Thank you for your help...
Daniel
-----== Posted via Deja News, The Leader in Internet Discussion ==----- http://www.dejanews.com/rg_mkgrp.xp Create Your Own Free Member Forum Received on Thu Sep 03 1998 - 07:56:17 CDT