Row Level Security Benefits?

• From: Charlotte Hammond <charlottejanehammond@xxxxxxxxx>
• To: oracle-l@xxxxxxxxxxxxx
• Date: Thu, 26 Apr 2007 09:08:15 -0700 (PDT)

Hi All,

I'm looking at using DBMS_RLS to implement some simple
row level security.  For example we have a few tables
with rows which only department managers should be
able to see (they are using a 3-tier Java
application):

I can create a view like this (for example):

SELECT value
   FROM my_data     md,
        department  dept,
        manager     m
 WHERE md.dept_no = dept.dept_no
      AND dept.manager_no = m.manager_no
      AND m.manager_id =
SYS_CONTEXT('USERENV','CLIENT_IDENTIFIER');

And then grant select on the view (rather than the
MY_DATA table).

Is there anything to gain by adding RLS into this mix
instead of using views?  It certainly costs $$$s extra
so I only want to use it if I can get a tangible
benefit.  Significantly this application is read-only
(well, sort of, assume it is for this discussion!)  I
have read through the fine manuals but it all looks
more complex than I really need.

Should I continue with my attempt to create a bunch of
views or is there anything to be gained by using RLS
here?

Any shared experience would be most welcome!

Many thanks
Charlotte


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
--
http://www.freelists.org/webpage/oracle-l

• » Row Level Security Benefits?
• » Re: Row Level Security Benefits?
• » Re: Row Level Security Benefits?
• » Re: Row Level Security Benefits?

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription