Oracle FAQ Your Portal to the Oracle Knowledge Grid

Home -> Community -> Usenet -> c.d.o.misc -> Re: Oracle in Visual Basic

Re: Oracle in Visual Basic

From: Thomas Blankschein <>
Date: Thu, 12 Oct 2006 19:19:35 +0200
Message-ID: <452e792a$0$21733$>


we have gone a way like that before. One schema in the database for the application, user + encrypted password info stored in a *ini-File on the client, application loads dll, dll reads ini-File an connects to the db.

Say what? We dropped this solution. Why? Low security and no way of using the very nice and powerful oracle security things (grants, roles, auditing...)

When the application was redesigned because of grown business requirements, we decided to use the oracle security features. This means: There is a single application schema in the db which holds all the objects like tables, views, packages etc. Every user which has access to the application is also an oracle user/schema. Depending on the role he has in the company the user has grants on the objects in the application schema. Normal user can only read table A. Powerusers can also read table B and can insert on table A etc. The security is fully stored in the database, at one single point and achieved by proven technology (for which you have paid with the oracle licence).
Let me use a phrase from Tom Kyte: "Applications come and go, but the data stay"). So don't try to reinvent the role-and-security wheel in your application, just use what is already there in the database. You don't know how long the application will live. But you can be sure, the database with the data will live much longer.

By this approach, you can use a db-logon-dll which presents a login dialog for typing in user/pw. That's well known and accepted. Or you can configure the database to trust your network login system like Active Directory. Then the user does not need to type his username and password, but he is connected to the db as an individual person.

Thomas Received on Thu Oct 12 2006 - 12:19:35 CDT

Original text of this message