-----Original Message-----
From: Burton, Laura L. [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 05, 2002 2:46 PM
To: Multiple recipients of list ORACLE-L
Subject: Security for Table/ProcedureI know that you can grant access on a table whether it be select, update, delete, etc, and I know that to keep from granting access to a table you can use procedures and grant execute rights to the procedure.
Our situation is that we want to use procedures for security, but the procedures select data to populate a form and then update if applicable. We had talked about granting select to the tables by using a role since anyone can view the data, and then using procedures to update the tables. The only problem is that if we grant select to the tables and the application executes the procedure within it, the procedure will not be found and even the select will not happen.
Could some of you share how you handle security? Am I missing something with tables/procedures? Any ideas would be appreciated. We are just beginning development and need to have a handle on how we are going to do this.
Thanks,
Laura
Title: Security for Table/Procedure
You
could set up a role that has all the privileges necessary to run the application
then use the set role command in the application - this turns on the
functionality while the user is using the application. Once out of the app, the
users do not have privileges to tables/procedures unless granted via another
role or specifically to the user. You can also create the role with a password -
this password would be needed to use the set role command. This provides an
additional level of security.
Michele
- Security for Table/Procedure Burton, Laura L.
- RE: Security for Table/Procedure marmstrong
- RE: Security for Table/Procedure Mercadante, Thomas F
- RE: Security for Table/Procedure Jacques Kilchoer
