Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Need a FGAC Clue
You can buy my book if you like ("Oracle9i Administration and Management"), but an excerpt showing FGAC is posted on www.robonerd.com in the downloads section. You could use a simplified approach where the security table, instead of using a context lookup and verification of a function based on userid, uses a lookup based on the corporate id into a lookup security table.
Mike Ault
Phil Singer <psinger1_at_chartermi.net> wrote in message news:<3D782250.383F4BC0_at_chartermi.net>...
> If someone could be so kind as to give me a clue,
> I would be so graitful.....
>
> I have several web applications, each with over
> 10,000 users. When the application gets
> accessed, it 'sees' a userid provided by the
> web server. This ID is authenticated thru a
> company single log-on system, and it really can
> be trusted to ensure that whoever logged onto
> the corporate intranet was who he or she claimed
> to be, and that that person is now accessing
> my application.
>
> This application accesses Oracle through a
> single proxy Id. Creating the Ids in Oracle,
> is not an option. Therefore, the application
> validates what a user can see and do in the
> application by querying tables which match
> the corporate Id (from the web server) to
> functions and rules within the application.
>
> I would like to replace all of this with
> fine grained access control.
>
> My problem is that all the examples I have seen
> all have the user being validated having an
> Oracle account. I've done enough snooping
> to think that it can be used in the above
> situation, but I have not yet found any examples
> of how it is done. So, if someone can be so
> kind as to point me toward a reference where
> this has been done, I will be grateful. (Will
> even buy a book if that is where the example
> is found).
>
>
> Thanks.
Received on Fri Sep 06 2002 - 08:00:25 CDT