disabling a role via a logon trigger
- From: "Jeffrey Beckstrom" <JBECKSTROM@xxxxxxxxx>
- To: <oracle-l@xxxxxxxxxxxxx>, <ORACLE-L@xxxxxxxxxxxxx>, <oracledba@xxxxxxxxxxx>, <oracle-rdbms@xxxxxxxxxxxxxxx>
- Date: Mon, 01 Nov 2004 13:47:56 -0500
We are running a third party application for which the users are granted
a role. The role allows the users to update the table applications
tables. The problem is that I do not want a user being able to do an
update outside of the application. I thought I came up with a solution
to this by disabling the role if the the terminal running the
application is not one of the servers we expect, i.e. if the connection
was via sqlplus from a users PC, the terminal id would not match and I
would disable the role. If the user was granted other roles to view the
tables, those would remain, just the update role would be disabled.
However, I now find that a database "on logon" trigger can not disable
a role. The procedure that I was calling from the trigger to do the
disable had authid current user but the problem is the trigger.
Is there any way to disable a role from a trigger, or is there some
other way I can disable the role. We do not want users being able to
update tables outside of the application.
Jeffrey Beckstrom
Database Administrator
Greater Cleveland Regional Transit Authority
1240 W. 6th Street
Cleveland, Ohio 44113
--
//www.freelists.org/webpage/oracle-l
Other related posts:
