Re: Auditing original user in an n-tier environment
- From: Thomas Day <tomday2@xxxxxxxxx>
- To: Christian Antognini <Christian.Antognini@xxxxxxxxxxxx>
- Date: Mon, 23 May 2005 10:30:04 -0400
On 5/23/05, Christian Antognini <Christian.Antognini@xxxxxxxxxxxx> wrote:
>=20
>=20
> >We are fighting the exact same fight. Oracle provides a mechanism
> >with DBMS_SESSION.set_context and sys_context. However, this is not a
> >magic bullet. We have a web-based application with pooled
> >connections.
>=20
> Tom
>=20
> Do you use global contexts?
>=20
>=20
> Chris
>=20
Global context isn't the issue --- though it's what I would use. The
Web is state-less. With each new page it picks the next connection
available to communicate with the database. If you have a 10
connection pool, during a single session with the application one user
could end up using all 10 connections --- maybe even twice over.
With each new connection it is the application's job to establish the
context for that connection (not session) with the Oracle database.
Currently we are using a home-rolled mechanism that mimics Oracle's.=20
It's no better or worse, just very poorly documented and no knowledge
of how it works exists ourside the current group of contractors.
I guess that you'd call it job security.
--
//www.freelists.org/webpage/oracle-l
Other related posts:
