Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Role/Priv Implementation Problem

Re: Role/Priv Implementation Problem

From: Spencer Olson <spencer_olsen_at_ssb.com>
Date: 1997/05/02
Message-ID: <336A077C.372E@ssb.com>#1/1 







Bob wrote:


> 

> Our end users have Oracle database access via in-house applications and through

> Microsoft Query.  We are looking at the best way to implement security: using

> Oracle roles/privs vs creating user tables that specify access privs.

> 

> The problem we are having with the Oracle roles/privs is that even when the

> users are not in the application, they still have the roles available in Query.

> We don't want them to have anything but read-only when outside the application.

> 

> Any suggestions that might allow us to remain with Oracle roles and limit

> access outside the apps or is this perhaps not a desired way to go?

> 

> Any suggestions would be greatly appreciated!





Yeah,  when a user logs into Oracle using the app,  reset the role to allow the privileges you want,  SET ROLE 
<rolename>.   You can even have the role password enabled so when users are using Query,  they can't set the 
role.  Thus,  each user might have a default role that allows them to query,  and nothing else,  but in the 
app, their role has changed.




Spencer Olson


State Street Bank
Received on Fri May 02 1997 - 00:00:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US