Application setup on logon [message #657577] |
Tue, 15 November 2016 01:55 |
|
shamsad.khan@gmail.com
Messages: 12 Registered: October 2016
|
Junior Member |
|
|
Hi All,
I have developed an application (Forms 11g and Oracle database 11g, Windows 64 bit). I have a main schema ("main_schema" where in all my application's database objects have been created.
I have created many users, through which individual user can access the application.
I have created logon database trigger. In it I have issued command "alter session set current_schema=main_schema"
I have created many roles (admin, manager, supervisor, operator, ...). Each role have different privileges on (table,procedure,function,sequence...). Based on users, roles are assigned.
I have created my login screen. The user has to enter the username and password and through logon(username,password||'@'||connect_string,false), the user gets logged in.
I need suggestion from you all.
1) Every individual user right to access forms, reports, menus , .. are stored in a table (user_info) that is in the main_schema.
After the user logon, I need to access the main_schema and retrieve data from the table user_info. Based on the user access information, I can enable or disable/hide menus at runtime.
The above approach is not good as far as security is concern.
I would appreciate if you all can give me the best approach or method step by step so the user doesn't get access to what is not granted to him/her wrt security.
Thanks
|
|
|