Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Need a FGAC Clue

Need a FGAC Clue

From: Phil Singer <psinger1_at_chartermi.net>
Date: Thu, 05 Sep 2002 23:34:40 -0400
Message-ID: <3D782250.383F4BC0@chartermi.net> 






If someone could be so kind as to give me a clue,
I would be so graitful.....



I have several web applications, each with over
10,000 users.  When the application gets
accessed, it 'sees' a userid provided by the
web server.  This ID is authenticated thru a
company single log-on system, and it really can
be trusted to ensure that whoever logged onto
the corporate intranet was who he or she claimed
to be, and that that person is now accessing 
my application.



This application accesses Oracle through a
single proxy Id.  Creating the Ids in Oracle,
is not an option.  Therefore, the application
validates what a user can see and do in the
application by querying tables which match
the corporate Id (from the web server) to
functions and rules within the application.



I would like to replace all of this with
fine grained access control.



My problem is that all the examples I have seen
all have the user being validated having an
Oracle account.  I've done enough snooping
to think that it can be used in the above
situation, but I have not yet found any examples
of how it is done.   So, if someone can be so
kind as to point me toward a reference where 
this has been done, I will be grateful.  (Will
even buy a book if that is where the example
is found).




Thanks.

-- 
Phil Singer                |    psinger1_at_chartermi.net
Oracle DBA                 |    Ford FPDS


Received on Thu Sep 05 2002 - 22:34:40 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US