jeudi 26 février 2015

Restrict Oracle DB Login based on SQL Client being used


We have an application in our organization that is based on Oracle Forms 11g (on Oracle Fusion Middleware/WLS). Users have access to the application through accounts created at the database (i.e. they exist in dba_users). Each user is assigned a specific role based on their area of work and they use the user id to log on to the application. The user may have read/write access to certain functionality in the application and for this their roles have the following permissions-



EXECUTE ANY LIBRARY
SELECT ANY SEQUENCE
EXECUTE ANY TYPE
EXECUTE ANY PROCEDURE
UPDATE ANY TABLE
SELECT ANY TABLE
DELETE ANY TABLE
EXECUTE ANY INDEXTYPE
INSERT ANY TABLE


Now we have some users requesting for SQL Client access (i.e. TNS settings) so that they can connect to the DB and perform queries for their research. These business users are ofcourse knowledgeable in SQL but we want to restrict their access based on the type of client they use to log on to the database. Any client other than the application itself, should restrict them to "read only".


Is there a way to achieve this?





Aucun commentaire:

Enregistrer un commentaire