Home » Developer & Programmer » Forms » Application setup on logon (Oracle Forms 11g)
| Application setup on logon [message #657577] |
Tue, 15 November 2016 01:55  |
 |
shamsad.khan@gmail.com
Messages: 12
Registered: October 2016
|
Junior Member |
|
|
Hi All,
I have developed an application (Forms 11g and Oracle database 11g, Windows 64 bit). I have a main schema ("main_schema" where in all my application's database objects have been created.
I have created many users, through which individual user can access the application.
I have created logon database trigger. In it I have issued command "alter session set current_schema=main_schema"
I have created many roles (admin, manager, supervisor, operator, ...). Each role have different privileges on (table,procedure,function,sequence...). Based on users, roles are assigned.
I have created my login screen. The user has to enter the username and password and through logon(username,password||'@'||connect_string,false), the user gets logged in.
I need suggestion from you all.
1) Every individual user right to access forms, reports, menus , .. are stored in a table (user_info) that is in the main_schema.
After the user logon, I need to access the main_schema and retrieve data from the table user_info. Based on the user access information, I can enable or disable/hide menus at runtime.
The above approach is not good as far as security is concern.
I would appreciate if you all can give me the best approach or method step by step so the user doesn't get access to what is not granted to him/her wrt security.
Thanks
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Re: Application setup on logon [message #657598 is a reply to message #657593] |
Tue, 15 November 2016 08:07  |
cookiemonster
Messages: 13966
Registered: September 2008
Location: Rainy Manchester
|
Senior Member |
|
|
I have no idea why you think logging on to the main schema is necessary.
Forms itself is going to read this data and it can do so as the application user, just grant select on the table to the users and not insert/update/delete
If you're worried about people logging in and seeing what other users have access to (though I'm not sure why that would be a problem) then create a view along the lines of:
SELECT *
FROM config_Table
WHERE username = user
And grant that to the users rather than the config table.
|
|
|
|
|
|
| Re: Application setup on logon [message #657600 is a reply to message #657599] |
Tue, 15 November 2016 08:41 |
cookiemonster
Messages: 13966
Registered: September 2008
Location: Rainy Manchester
|
Senior Member |
|
|
If you're not worried about users logging in via sqlplus and querying the config table (and you shouldn't need to worry) then you don't need a view at all and you can just put that query in the form.
|
|
|
|
|
|
|
|
Goto Forum:
Current Time: Sun May 04 22:15:49 CDT 2025
|
] 
Blog
Search
Help
Members
Register
Login
Home
