Anyone has experience using security roles to add a security layer to the database? I have a Java application that connects to the Oracle 9i and I want to avoid other Hoc Tools like SQPLUS to be used to connect to my schema causing a disaster to my data… I thought to create a role with password known only by the Java application, so when the application connects to the database the role is set and when the application disconnect the role set none. I tried this, but using the SQLPLUS tool I’m always able to do undesirable things like dropping a table…
Any ideas? What is the better solution for my case?
Thanks and Regards
you can choose using a password or package, query v$session and check for program, if substr(prigram) is such then set role otherwise return
Did you create a different user to log-on with that role.
A user that is not the schema-owner can be restricted in all ways.
Ben de Boer
Click Here to Expand Forum to Full Width