RE: Separate Schemas for Data and Application?

• From: Dave Morgan <oracle@xxxxxxxxxxx>
• To: Oracle-L <oracle-l@xxxxxxxxxxxxx>
• Date: Wed, 09 Apr 2014 06:21:39 -0600

Our preferred method is to have all objects and code in a single schema (DATA 
OWNER, %_DO)
to which the DBA only knows the password. All access is done through DATA ENTRY 
schemas
(%_DE. %_RPT, %_WEB)  to which the business users only know the password and 
finally
there are READ ONLY schemas (_RO) for everyone else.

Data access and read only roles are created to simplify grant management and 
then a script
which reads the role_tab_privs table is run to create synonyms

This allows duhvelopers access to production data without danger as well as 
allowing fine
grained access to "sensitive" tables

HTH
Dave
--
Dave Morgan
Senior Consultant, 1001111 Alberta Limited
dave.morgan@xxxxxxxxxxx
403 399 2442
--
//www.freelists.org/webpage/oracle-l

Other related posts:

• » Separate Schemas for Data and Application?- Jeff C
• » Re: Separate Schemas for Data and Application?- Juan Carlos Reyes Pacheco
• » RE: Separate Schemas for Data and Application?- Chitale, Hemant K
• » Re: Separate Schemas for Data and Application?- Toon Koppelaars
• » Re: Separate Schemas for Data and Application?- William Robertson
• » RE: Separate Schemas for Data and Application? - Dave Morgan
• » Re: Separate Schemas for Data and Application?- Yong Huang
• » Re: Separate Schemas for Data and Application?- Igor Racic
• » Re: Separate Schemas for Data and Application?- Dba DBA

1. Home
2. oracle-l
3. Archive
4. 04-2014

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---