Re: Application security question

From: wozi <wozi_at_dhc.net>
Date: Tue, 20 Jul 1999 09:04:27 -0700
Message-ID: <C489E9576F429A20.3FB2D090F3D18E00.D182B3FC6998CCF6_at_lp.airnews.net>

Douglas Scott wrote in message ...
>My company has a requirement to validate that a user
>is really who they are suppose to be within a
>particular application. This is mainly caused by
>computers being in a shared area which means that
>someone could login to the database with their Oracle
>account and then another person access the application
>and make a change that that person would not be able
>to do if they were logged into the database using
>their own account. What we want to do is implement a
>second layer of security that will prompt the user for
>a password if they try to update an item that has been
>identified as a restricted item. Does anyone know of
>good way to do this? We don't want to store a password
>in a table that someone could see through sql.
>

You might want to consider implementing ROLE and granting privileges to the roles. You can enable or disable specific role as users navigate throught the application.

Good luck Received on Tue Jul 20 1999 - 18:04:27 CEST

This message: [ Message body ]
Next message: Dong Yang: "dynamic methode with pro c"
Previous message: RUSSELL HERBERT: "Re: FORMS: Set Default Where"
In reply to Douglas Scott: "Application security question"
Next in thread: Jerry Gitomer: "Re: Application security question"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message