Re: Access control to forms by userid?

From: Richard D Holowczak <holowcza_at_andromeda.rutgers.edu>
Date: 11 Apr 94 21:00:27 GMT
Message-ID: <Apr.11.17.00.27.1994.4831_at_andromeda.rutgers.edu>

an42433_at_anon.penet.fi (dlima) writes:

>I need to have "application-level security" in
>my ORACLE system. The current system uses
>SQL*Forms 2.3 with ORACLE version 6 (and
>*no* use of SQL*Menu).

>The requirement is to be able to control
>access by various users to the different
>forms that make up the application; and
>if possible, log an audit trail access
>to them on the fly.

>Has anyone seen or developed something
>similar?

We are going to use something along these lines.

We created a "security" table with 2 columns, the user's Oracle userid and the name of a form.

Each form gets a KEY-STARTUP trigger that checks this table with the form name and user id. If no records are found in the security table, then the form exits.

Either way, we can also write to a transaction table with user id, form name, date/time and "result" which is OK if access was permitted or DENIED if access to the form was denied.

Using Oracle CASE, we can embed this into a template form from which all forms are generated thus ensuring consistency and saving quite a bit of extra coding on each individual form.

A final note, we are using Forms 3.0 and Forms 4.0. I'm fairly certain Forms 2.3 has some sort of KEY-STARTUP trigger definition. (It's been a while :)

Rich Holowczak
Rutgers University
holowcza_at_andromeda.rutgers.edu Received on Mon Apr 11 1994 - 23:00:27 CEST

This message: [ Message body ]
Next message: Ventrone: "Re: Can you rollback a table creation?"
Previous message: Tony Jambu: "Re: Detecting Orphan SQLnet Shadow Processes"
In reply to: dlima: "Access control to forms by userid?"
Next in thread: Ventrone: "Re: Can you rollback a table creation?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message