Application Security Model [message #315435] |
Mon, 21 April 2008 08:46 |
moshea
Messages: 51 Registered: February 2008 Location: Dublin, Ireland
|
Member |
|
|
Hey,
Not sure if this belongs here or in the Java forum, so feel free to move.
Some Background :
Our DB has 3 schemas (of note). XDBA which owns all the structures. XPRC which owns all the source (packages, views etc). And a readonly account which is the access point for all our applications.
Our standing policy has been that all application SQL is placed in packages (which live in XPRC), and that execute privs on the packages are granted to application specific ROLES which are granted to readonly.
So now my dev's are looking at using Sptring/Hibernate (using `the JPA interface). Our apps are in the main built using Weblogic 9.2. What I'm hearing is "We can't use packages with Hibernate. Well we can, but we don't want to cos it smell's, and negates the ORM benefits of Hibernate. And cos we can't use packages, we need an access point which has DML privs on all these tables".
So, from my perspective I'm reticient to provide an access point with direct DML privileges to all these tables. I like the fact that currently users can at most execute procs which have been placed in the db (assuming they have the correct role info).
Am I mad?
How are other people managing their security model as it pertains to inhouse applications? Create a user with the appropriate privs, and make the dev's etc pinky swear to forget it? Our dev's are typicaly responsible for dropping their applications to production meaning they have knowledge of the passwords etc that the application use. Is this usual?
If anyone has any resources or pointers they can direct me to, I'd be very appreciative.
Cheers,
Michael.
|
|
|
|
Re: Application Security Model [message #315454 is a reply to message #315435] |
Mon, 21 April 2008 09:34 |
moshea
Messages: 51 Registered: February 2008 Location: Dublin, Ireland
|
Member |
|
|
Thanks Michel, as always there's lots of good info on AT.
I realise I actually asked a series of questions in my OP, and so would like to just expand on one of the points ....
To all : "Do you build inhouse applications in java, vb, c++ or whatever? If so, with what sortof of user/priviliges does that application connect to the database? The simplest answer I guess, is that it connects using a user which directly has privs to do whatever is required by the application. But equally, there are other options including indirection using other users/roles, just exec priv's on packages, encrypted service of some sort, or whatever.
No right or wrong answer here, just wondering what you do in your company?"
Cheers,
Michael.
|
|
|