Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Restricting access to the database dependent upon access method

Status
Not open for further replies.
sjwales

sjwales

MIS
Jun 24, 2003
61
0
0
US
One of the application administrators set foot in my office today (how dare he!) and started off a question with "In the SQL Server World....".

Apparently, in SQLServer, there is a way to say that if user Bob is trying to connect through MS-Excel, then we allow it, but if he tries to connect in some other way, then we deny it.

Does Oracle offer something similar? I haven't been able to find anything that would indicate that it does, but I thought it doesn't hurt to ask.

We have users that are supposed to access a database via a particular application only (it's called Corvu) and we don't want them getting in via SQLPlus, Access, Excel or any other method.

I suppose it could be done via a login trigger checking the program column in v$session, but it looks like this is set to "unknown" when users are connecting through corvu, so that's not going to help me.

Any other bright ideas out there?

Thanks
Steve
 
Sort by date Sort by votes
Hmm. I was going to suggest the login trigger (that's worked for us before), but it sounds like you've hit a kink with that. Have you checked the MODULE value in v$session?
 
Upvote 0 Downvote
Well, well, I had another look this morning, and now both program and module are reporting "CVORA8.EXE", which gives me something to play with.

Now, writing login triggers is not something I've done before - would someone have an example of a trigger at login that checks the program and/or module and if it's not what is expected then disconnects with an error message?

Thanks
Steve
 
Upvote 0 Downvote
Just put your 'check' code between 'begin' and 'end':
Code: 
Create Or Replace Trigger Logon_Trg
After Logon On DATABASE]
Declare
  v_module Varchar2(40);
Begin
-- Check module (or program here) --
  Select Program Into V_module From V_$SESSION
   Where Username = User;
  If V_module != 'CVORA8.EXE' Then
    raise_application_error(-20001,V_module||' not allowed!');
  End If;
End;
/


----------------------------------------------------------------------------
The person who says it can't be done should not interrupt the person doing it. -- Chinese proverb
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

sqlPower
  • Locked
  • Question
Help with Integer to Char to Datetime stamp
Replies
2
Views
267
SkipVought
S
Livia8
  • Locked
  • Question
Alternative to "locate" command
Replies
0
Views
266
Livia8
Livia8
TheLazyPig
  • Locked
  • Question
Inserting Text Decimal to Table Error
Replies
4
Views
317
carp
carp
TheLazyPig
  • Locked
  • Question
Separate 1 row value to multiple rows
Replies
4
Views
285
carp
carp
Livia8
  • Locked
  • Question
How to forcibly logout users 2
Replies
17
Views
549
carp
carp

Part and Inventory Search

Sponsor

Back
Top