Client/Server Security
Date: 1996/10/31
Message-ID: <32778D86.3776_at_b022.aone.net.au>#1/1
I am implementing Developer 2000 running against HP-UX Oracle 7 database. I am interested how security to data base can be handled. We currently have Forms3.0 running on HP-UX (using operating system security OPS$.
Problem is:-
To allow a user to access only that data available to him, each user is
given a username and password. Each user has been granted certain roles
to perform his work.
The Developer Form ensures data integrity (validation) within the data
base.
Some users will have access to HP-UX to perform other functionality and
hence access to SQLPLUS. They may then CONNECT as the granted user and
perform the data base functions allowed (by the roles).
OR any ODBC front-end software (eg Excel, Access) will allow updates to
the data base (thereby bypassing the Developer Form validation) using
the username and roles provided.
How has this been solved elsewhere???
--
*************************************************************************
Ray Dowling
Port of Brisbane Corporation Phone: 61 7 32584739
369 Ann St. Fax: 61 7 32584703
Brisbane Q'ld. 4000 Australia Internet: rgd_at_acslink.aone.net.au
rdowling_at_b022.aone.net.au
P.O. Box 1818
GPO Brisbane 4001.
**************************************************************************
Received on Thu Oct 31 1996 - 00:00:00 CET