Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Logons & V$SESSION

Re: Logons & V$SESSION

From: Roy Jones <docjones_at_bellsouth.net>
Date: Fri, 23 Oct 1998 00:22:08 GMT
Message-ID: <362fca30.3055898@news1.lig.bellsouth.net> 





On 21 Oct 98 19:56:22 +0100, "Lothar Armbrüster"
<lothar.armbruester_at_rheingau.netsurf.de> wrote:



>On 21-Okt-98  18:11:29 Jens Kieffer-Olsen wrote:


>


>>Roy Jones wrote in message


>><362bb7c2.5631756_at_news1.lig.bellsouth.net>...


>>>I have a question about logging into the database:


>>>


>>>I have an ORACLE 7.3.4.1 database running on an HP9000 K410/570.


>>>We want to allow our users to log on with only a certain set of tools.


>>>My first attempt was to monitor the V$SESSION table specifically the


>>>PROGRAM column to determine what tool is being logged in with.  This


>>>works great for all situations except Windows NT.  WinNT put the full


>>>path to the program/shortcut in the table which normally is more than


>>>the 48 characters the PROGRAM column can handle. My next attempt was


>>>to go back to the PRODUCT_USER_PROFILE table but all I know about it


>>>is that you must list each product individually and the only valid


>>>value I know is SQL*Plus.


>>>


>>>Any and all help would be greatly appreciated.


>


>


>>  For one thing the PROGRAM column handles 64 characters!


>


>We do sort of this using roles. Our users gain acces to the important


>tables through a role. This role is normally disabled and password


>protected. When our application starts, it enables the role and the user


>can work.


>If the user logs in via SQL*Plus, he gets connects but his possibilities


>are limited to a bare minimum.


>Maybe this is an option for you too.


>


>Hope that helps,


>Lothar


>


>--


>Lothar Armbrüster       | lothar.armbruester_at_rheingau.netsurf.de


>Schulstr. 12            | lothar.armbruester_at_t-online.de


>D-65375 Oestrich-Winkel |


>




For ignorant Jens Kieffer-Olsen the PROGRAM column is only 64 in
Oracle 8, but thanks for playing.



For Lothar.....we tried this but we have roles granted to roles and if
we password protect the first our users can still set their role to
the other.  For example,  we grant role_1 to role_a and role_a to the
user.  You can not tell that you have role_1 available but you can do
a set role role_1;.  We have thought about password protecting all
roles but have not tested this yet.



Thanks again Lothar........



Roy Jones, SrA, USAF


HQ SSG/SWDUS



jonesr_at_ssg.gunter.af.mil
Received on Thu Oct 22 1998 - 19:22:08 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US