Re: how to prevent user access from outside of a third-party application
- From: Fuad Arshad <fuadar@xxxxxxxxx>
- To: JBECKSTROM@xxxxxxxxx, oracle-l@xxxxxxxxxxxxx
- Date: Tue, 2 Nov 2004 13:48:48 -0800 (PST)
idid sometihng like this to prevent access.
can be refined as needed
this can be called forme a trigger.
CREATE OR REPLACE procedure set_t_batch
AUTHID CURRENT_USER
IS
v_sid v$session.sid%TYPE;
v_username v$session.USERNAME%TYPE;
v_osuser v$session.OSUSER%TYPE;
v_program v$session.PROGRAM%TYPE;
v_machine v$session.MACHINE%TYPE;
BEGIN
select sid, username, osuser,program,machine
into v_sid, v_username, v_osuser ,v_program,v_machine
from v$session
where audsid = userenv('sessionid');
DBMS_OUTPUT.put_line (v_sid);
DBMS_OUTPUT.put_line (v_username);
DBMS_OUTPUT.put_line (v_osuser);
DBMS_OUTPUT.put_line (v_program);
IF (v_program like 'JDBC%')
THEN
IF (v_username = 'ABC')
THEN
dbms_session.set_role('RL_BATCH IDENTIFIED BY abc') ;
ELSE
NULL;
END IF;
ELSE
NULL;
END IF;
END set_t_batch;
Jeffrey Beckstrom <JBECKSTROM@xxxxxxxxx> wrote:
Since I can not disable a role through a logon database trigger, I am
seeking help in how to prevent a user from updating tables outside of
the third-party application. The user is granted a role which permits
update. I can not password protect the role since it is used by the
third party application. What are some options. Fine grained access
control is not realistic since would have to set it up on every table in
the system.
Jeffrey Beckstrom
Database Administrator
Greater Cleveland Regional Transit Authority
1240 W. 6th Street
Cleveland, Ohio 44113
--
//www.freelists.org/webpage/oracle-l
--
//www.freelists.org/webpage/oracle-l
Other related posts:
