Joseph,

I did some googling and found that Oracle has 'proxy user authentication'.
See this Ask Tom article (someone wanting to do the same thing as you are,
but in Java):

http://tinyurl.com/6qe8xk

Although I don't know if you can do it with the ColdFusion setup directly,
but maybe you can access some underlying Java component to do it.  Hopefully
this might give you another alternative.  Let me know how it turns out.

Dave 

-----Original Message-----
From: Joseph Bugeja [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, July 22, 2008 7:57 AM
To: CF-Talk
Subject: Re: DataSource Events like Before Commit?

Exactly!

You perfectly understood my concern. If ColdFusion supported dynamic
connection parameter injection or proxy authentication then we can identify
the connection pool users but there is no straightforward solution to this.
Through pooling we are connected through one db user which for security
compliance (PCI) we need to remove this hole while keeping the benefits of
pooling. Triggers can certainly help us for auditing but again at db
level I do not want to have the same user showing up in my logs.

>Got it.  Now I understand better.  You want to pass the userid of your
>'logged in user' to track the change in the database instead of using the
>user id that the datasource is logged in as.
>
>I don't see any way for you to do this without changing your code.  Maybe
>someone else can come up with something, but I just don't see any way around
>it.  Whether you change it to implement the idea you had below or do it some
>other way, bottom line is, you will need to change your code to make Oracle
>aware of each individual user's ID.
>
>You might still be able to find a way to use the triggers, but I still think
>you'll need a code change.
>
>Sorry, no help.
>
>Dave
>Thanks again for your reply.
>
>Unfortunately, I need to pass the userid prior to executing each query as
>otherwise the auditing function would not know the userid. We have triggers
>on tables but triggers need to read the userid a priori.
>
>ColdFusion does not allow us to build our connection string dynamically or
>to dynamically inject connection string variables (such as the userid), as
>is the case with VB.NET and C#. This is why I am looking for an alternative.
>
>>Joseph,
>>
>>I think Gert's suggestion earlier could work for you.  You could design a
>>trigger to fire the stored procedure prior to any Inserts or Updates.  Check a
>>before
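
The database side of the two approaches discussed in this thread (proxy authentication, and passing the userid before each query so a trigger can read it), as an added example that is not part of the original messages. All names (cf_pool, jsmith, orders, orders_audit) are hypothetical; the statements are Oracle SQL and PL/SQL.

```sql
-- Hypothetical names: cf_pool = pooled datasource account, jsmith = end user.
CREATE TABLE orders (order_id NUMBER PRIMARY KEY, status VARCHAR2(20));

-- Audit rows record the authenticated identities and the app-supplied one.
CREATE TABLE orders_audit (
  order_id   NUMBER,
  action     VARCHAR2(6),
  db_user    VARCHAR2(128),  -- user the session runs as
  proxy_user VARCHAR2(128),  -- pool account that opened it, NULL if direct
  client_id  VARCHAR2(64),   -- identifier set by the application
  changed_at TIMESTAMP
);

-- Approach 1: proxy authentication. cf_pool may open sessions as jsmith
-- without the application knowing jsmith's password.
ALTER USER jsmith GRANT CONNECT THROUGH cf_pool;

-- The trigger reads identity from the session context, so application
-- queries do not have to pass the userid as a column value.
CREATE OR REPLACE TRIGGER orders_audit_trg
AFTER INSERT OR UPDATE OR DELETE ON orders
FOR EACH ROW
DECLARE
  v_action VARCHAR2(6);
BEGIN
  v_action := CASE WHEN INSERTING THEN 'INSERT'
                   WHEN UPDATING  THEN 'UPDATE'
                   ELSE 'DELETE' END;
  INSERT INTO orders_audit
    (order_id, action, db_user, proxy_user, client_id, changed_at)
  VALUES
    (COALESCE(:NEW.order_id, :OLD.order_id), v_action,
     SYS_CONTEXT('USERENV', 'SESSION_USER'),
     SYS_CONTEXT('USERENV', 'PROXY_USER'),
     SYS_CONTEXT('USERENV', 'CLIENT_IDENTIFIER'),
     SYSTIMESTAMP);
END;
/

-- Approach 2: single pooled login, userid tagged per unit of work.
-- The value is asserted by the application, not authenticated by Oracle.
BEGIN DBMS_SESSION.SET_IDENTIFIER('jsmith'); END;
/
UPDATE orders SET status = 'SHIPPED' WHERE order_id = 42;
COMMIT;
-- Clear before the connection returns to the pool so the next
-- borrower does not inherit the previous user's identifier.
BEGIN DBMS_SESSION.CLEAR_IDENTIFIER; END;
/
```

With a proxy session the audit row shows db_user = JSMITH and proxy_user = CF_POOL; with the second approach db_user stays CF_POOL and only client_id distinguishes end users.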



Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:309453