| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Restricting ODBC access to Oracle
hi,
bhogak wrote:
>
> Thats what we do too. All our end-users use our Forms to access the
> database and we grant roles to all users based on their Job duties.
> However, lets say a user has a role which allows him to update a table,
> it would also enable him to update that table using ODBC without any
> validation. Hope my question is more clear now.
> Bhogak
you can protect your tables with separate views for read access (odbc, sqlplus) and read/write access (your application).
in the where clause of the read/write views can you check the progam which wants to access the table.
CREATE OR REPLACE VIEW read_write_on_table AS
SELECT * FROM table
WHERE EXISTS ( SELECT 1
FROM V$SESSION
WHERE UPPER( PROGRAM ) LIKE '%APP.EXE'
AND USERENV( 'SESSIONID' ) = AUDSID )
WITH CHECK OPTION;
(it only works if nobody renames his sqlplus.)
-- Andreas Necker ISB AG Tel: +49 (0)721/82800-0 Karlstrasse 52-54 Fax: +49 (0)721/82800-82 76133 Karlsruhe mailto:Andreas.Necker_at_isb-ka.de Germany http://www.isb-ka.deReceived on Wed Jan 10 2001 - 06:26:01 CST
 |
 |