|
|
|
|
| Re: restrict toad to access database [message #261021 is a reply to message #260985] |
Tue, 21 August 2007 09:35   |
DreamzZ
Messages: 1666
Registered: May 2007
Location: Dreamzland
|
Senior Member |
|
|
Some thing like this
begin
FOR REC IN (SELECT USERNAME,PROGRAM,MODULE,TERMINAL,MODULE_HASH FROM V$SESSION
WHERE AUDSID = USERENV('SESSIONID'))
LOOP
if rec.username not in ('SYS','SYSTEM','ABBC','XYZ')
and
upper(rec.terminal) not like '%Computername%'
and
(rec.module is not null
OR
upper(rec.program) like '%EXP%'
OR
upper(rec.program) like '%IMP%'
OR
upper(rec.program) like '%VRMGR%'
OR
upper(rec.program) like '%EZSQL.EXE'
OR
rec.program is NULL
OR
upper(rec.program) like '%TOAD.EXE')
then
RAISE_APPLICATION_ERROR(-20001,'Sorry You are not Authorise to Logon from this tool');
end if;
end loop;
END;
|
|
|
|
|
|
| Re: restrict toad to access database [message #269383 is a reply to message #261025] |
Fri, 21 September 2007 22:01 |
smunir362
Messages: 310
Registered: September 2007
|
Senior Member |
|
|
In case of rename no problem above script would not work.
Acyually that script was developed by me.
If rename then we can check on module column. When u connect with taod the module is populated sometking like
"toad.2.1" so modily that code ..........
Regards,
Munir
|
|
|
|
|
|
|
|
|
|
| Re: restrict toad to access database [message #270601 is a reply to message #269457] |
Thu, 27 September 2007 11:24 |
smunir362
Messages: 310
Registered: September 2007
|
Senior Member |
|
|
But
1- On the other side we can allow only our own apps to allow and all other to blocks........
2- We can set in our application startup to set SET_CLIENT_INFO=allowable
3- Then we can create trigger on logon and check above two conditions if it is true then logon otherwise block.
4- No need to block IP through protocol.ora
Agree or not.........
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Re: restrict toad to access database [message #271431 is a reply to message #271002] |
Mon, 01 October 2007 11:57 |
MarcL
Messages: 455
Registered: November 2006
Location: Connecticut, USA
|
Senior Member |
|
|
What is the POINT ??
If they have a database login, control access with database roles and privs. Whatever they can do in TOAD can be done with any other tool.
A short list:
sqlplus/pl sql developer/sql developer/ MS ACCESS/ VB
Why do you care which tool is being used to access the database?
I am very curious to hear the business reason to block this access.
|
|
|
|
| Re: restrict toad to access database [message #271445 is a reply to message #271431] |
Mon, 01 October 2007 12:27 |
 |
Michel Cadot
Messages: 68722
Registered: March 2007
Location: Saint-Maur, France, https...
|
Senior Member
Account Moderator |
|
|
Business reason, there is none.
Badly written application reasons, there are many like giving update privilege to user when they are only allowed to update through the application and these updates should be done via packages.
Regards
Michel
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
