Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Re: Oracle in Visual Basic
Hi,
we have gone a way like that before. One schema in the database for the application, user + encrypted password info stored in a *ini-File on the client, application loads dll, dll reads ini-File an connects to the db.
Say what? We dropped this solution. Why? Low security and no way of using the very nice and powerful oracle security things (grants, roles, auditing...)
When the application was redesigned because of grown business
requirements, we decided to use the oracle security features. This
means: There is a single application schema in the db which holds all
the objects like tables, views, packages etc. Every user which has
access to the application is also an oracle user/schema. Depending on
the role he has in the company the user has grants on the objects in the
application schema. Normal user can only read table A. Powerusers can
also read table B and can insert on table A etc.
The security is fully stored in the database, at one single point and
achieved by proven technology (for which you have paid with the oracle
licence).
Let me use a phrase from Tom Kyte: "Applications come and go, but the
data stay"). So don't try to reinvent the role-and-security wheel in
your application, just use what is already there in the database. You
don't know how long the application will live. But you can be sure, the
database with the data will live much longer.
By this approach, you can use a db-logon-dll which presents a login dialog for typing in user/pw. That's well known and accepted. Or you can configure the database to trust your network login system like Active Directory. Then the user does not need to type his username and password, but he is connected to the db as an individual person.
Thomas Received on Thu Oct 12 2006 - 12:19:35 CDT