I have come across sites that differentiate schema owner from application owner. What is the benefit for implementing such a security model.
I have tried searching the technet site but did not find any papers or documentaion. Any feedback will be appreciated.
Perhaps you are referring to the application connecting as a different user than actually owns the tables or schema?
Makes sense. Then you can just grant the necessary table and procedure priviledges to the APP_USER. That way the application cannot drop tables or mess with your DB in ways you do not want it to.
Is that what you are referring to?
That's exactly correct.
But what if the app requires on the fly d/b object creation (say a form based application) where the user can design his own form and have the data stored in a table. Is there a way to control that ?
Click Here to Expand Forum to Full Width