Re: Can you trigger an automatic WHERE-clause on any statement on a table?

From: Dave Godbey <luhbey_at_erols.com>
Date: Wed, 01 Nov 2000 20:12:18 -0500
Message-ID: <3A00BF72.FEB800B4_at_erols.com>


Yes, you can. Use Oracle policies. I don't have my code here at home, but you can email me at mailto:godbeyd_at_saic.com for examples.

Basically, you create a policy on a table or view. It can be select or DML. First you create an SP that creates a where clause fragment based on whatever you need. Then you declare a policy connecting the table or view to the stored procedure. When a select occurs on a table with a policy, Oracle goes to the stored procedure declared in the policy. The procedure then creates a string to be appended to the current where clause.

Dave

Frank van Bortel wrote:

> Charlton Purvis wrote:
>
> > Hi, Jacob:
> >
> > I'm much in the same boat as you are, but we're in the beginnings of
> > the development cycle: wrapping up requirements and specifications.
> > Forms are nothing new to our company, neither are large Oracle
> > databases, but Forms Server 6i and 8i's row-level security are. I'd be
> > very interested to know your expected user-base, and what types of
> > pitfalls you have overcome in terms of high bandwidth requirements
> > Forms may require, e.g. have you found multiple small forms favorable
> > to few large forms? did you have to cut back on anything w/ web
> > distribution?
> >
> > Our system whose prototype will be released to the state in February is
> > a case management software solution that will have approximately 300
> > maximum concurrent users all accessing the app server over secure
> > Internet connections, certificates, and pseudo-VPN. (A WAN/VPN may be
> > in the making, but that certainly won't materialize by February.) We
> > emphasize the word prototype since Forms and Reports Server is
> > something new to us, and although it's comfortable and quick as a
> > development tool, if it is clumsy and too slow for our end-user, we
> > will go back to square 2 and re-think our implementation.
> >
> > But RLS and app contexts will be part of the system, regardless. With
> > state-wide political, scope, and confidentiality issues all playing a
> > large role in security design, I am toying w/ the idea of using RLS and
> > app contexts to put UNIX filesystem-like permission columns on each row
> > of all tables. I'm concerned w/ performance issues if we're constantly
> > checking a user's app context w/ whatever row they are requesting, but
> > it still seems to me that other posts and research I have read fall
> > short when they consider minimal rls/app_contexts plus a user-specific
> > views and synonyms as a complete solution. Am I wrong in thinking that
> > user-views and synonyms won't completely cover all the bases if a user
> > is also going to be allowed to access the system via ODBC? (I know
> > that's a completely separate security issue, but the question still
> > stands.)
> >
> > Bottom line . . . Is it unpractical to associate file system-like
> > permissions on every row of every table to limit a user's scope and
> > permissions?
>
> That is promised in 9i
>
> > If we get it right from square one, I don't think it will
> > be an administrative headache, but I'm still concerned about
> > performance issues.
> >
> > And how far along are you in Forms 6i land? How did you reach Forms as
> > your software solution? Is this for a LAN or WAN?
> >
> > We are currently doing our own tests of the bandwidth requirements of
> > Forms using a UNIX sniffer (I don't completely trust nor understand
> > Oracle's data specs.)
> >
> > Would love the opportunity for a two-way information exchange.
> >
> > Look forward to a response.
> >
> > Charlton Purvis
> >
> > In article <0y4E5.18745$Ly1.252129_at_news5.giganews.com>,
> > "Jacob" <jacmads_at_hotmail.com> wrote:
> > > Hi all
> > >
> > > We are currently in the process of migrating a previous single-user
> > > application to a multi-user application running on the web using Forms
> > > Server 6i on Oracle8i 8.1.6 on Windows NT.
> >
>
> --
> Gtrz,
>
> Frank van Bortel
Received on Thu Nov 02 2000 - 02:12:18 CET
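
The policy mechanism described in the reply above, combined with the application context mentioned in the quoted message, as an added example that is not part of the original post or the poster's own code. It uses Oracle's DBMS_RLS package; the schema APP, the tables CASES and USER_OFFICE, the column OFFICE_ID (assumed VARCHAR2), the context CASE_CTX and the package CASE_SEC are all hypothetical names.

```sql
-- Added example with hypothetical object names (APP, CASES, USER_OFFICE,
-- OFFICE_ID, CASE_CTX, CASE_SEC); none of them come from the thread.

-- Application context that only the trusted package APP.CASE_SEC can set.
CREATE OR REPLACE CONTEXT case_ctx USING app.case_sec;

CREATE OR REPLACE PACKAGE app.case_sec AS
  PROCEDURE set_office;  -- call once per session, e.g. from a logon trigger
  FUNCTION office_predicate(p_schema IN VARCHAR2, p_object IN VARCHAR2)
    RETURN VARCHAR2;
END case_sec;
/
CREATE OR REPLACE PACKAGE BODY app.case_sec AS
  PROCEDURE set_office IS
    v_office app.user_office.office_id%TYPE;
  BEGIN
    SELECT office_id INTO v_office
      FROM app.user_office
     WHERE username = SYS_CONTEXT('USERENV', 'SESSION_USER');
    DBMS_SESSION.SET_CONTEXT('case_ctx', 'office_id', v_office);
  EXCEPTION
    WHEN NO_DATA_FOUND THEN NULL;  -- no mapping: context stays unset
  END set_office;

  -- Policy function: returns the WHERE-clause fragment Oracle appends.
  FUNCTION office_predicate(p_schema IN VARCHAR2, p_object IN VARCHAR2)
    RETURN VARCHAR2 IS
  BEGIN
    -- Fail closed: a session without an office sees no rows.
    IF SYS_CONTEXT('case_ctx', 'office_id') IS NULL THEN
      RETURN '1 = 0';
    END IF;
    -- Reference the context inside the predicate instead of concatenating
    -- its value, so no session-derived text becomes part of the SQL.
    RETURN 'office_id = SYS_CONTEXT(''case_ctx'', ''office_id'')';
  END office_predicate;
END case_sec;
/
BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema   => 'APP',
    object_name     => 'CASES',
    policy_name     => 'CASES_BY_OFFICE',
    function_schema => 'APP',
    policy_function => 'CASE_SEC.OFFICE_PREDICATE',
    statement_types => 'SELECT,INSERT,UPDATE,DELETE',
    update_check    => TRUE);  -- reject writes that fall outside the predicate
END;
/
```

Because the policy is attached to the table itself, the predicate is applied to any client that queries it, including ODBC connections that bypass the Forms application.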
