tag:blogger.com,1999:blog-8884584404576003487.post1067839491030427423..comments2024-02-29T09:43:12.251-05:00Comments on ORACLENERD: How To: Users and Roles (Simple)oraclenerdhttp://www.blogger.com/profile/12412013306950057961noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-8884584404576003487.post-75900068495741019072009-07-30T14:06:38.069-04:002009-07-30T14:06:38.069-04:00@patrick
Good observation. I had database roles ...@patrick<br /><br />Good observation. I had database roles in mind with that table (VARCHAR2(30)) since eventually, Apex will have the ability to utilize not only database authentication but authorization. That was definitely my end game. Start with that and then transition over.<br /><br />chetoraclenerdhttps://www.blogger.com/profile/12412013306950057961noreply@blogger.comtag:blogger.com,1999:blog-8884584404576003487.post-72418733963464554082009-07-30T14:02:28.341-04:002009-07-30T14:02:28.341-04:00Hi Chet,
btw, you do not even need your own roles...Hi Chet,<br /><br />btw, you do not even need your own roles table. Just create database roles and use the oracle dictionary views to check which database user is assigned to which database role.<br /><br />Regards<br />PatrickPatrick Wolfhttps://www.blogger.com/profile/16652802762749621200noreply@blogger.comtag:blogger.com,1999:blog-8884584404576003487.post-37730727086221587842009-07-21T09:41:09.102-04:002009-07-21T09:41:09.102-04:00Mr. Scott,
I saw those options, but I think I cho...Mr. Scott,<br /><br />I saw those options, but I think I chose page. I believe you are right though, it is very unlikely that there privileges will change mid session so once will be good enough.oraclenerdhttps://www.blogger.com/profile/12412013306950057961noreply@blogger.comtag:blogger.com,1999:blog-8884584404576003487.post-42858448654474262422009-07-21T08:20:44.881-04:002009-07-21T08:20:44.881-04:00Hi Chet,
The other nice thing is that you can cac...Hi Chet,<br /><br />The other nice thing is that you can cache the authorization per session, so that it's evaluated once and you don't incur the 'overhead' of rerunning your code each time you want to check if they're a developer etc.<br /><br />Obviously in certain circumstances you might want to run the code each time, however for something like this where the authorization check is pretty much tied to the user, it's unlikely to change during the duration of their session (and if it did, there's a nice APEX_UTIL.RESET_AUTHORIZATIONS routine which lets you reset any cached authorizations).<br /><br />John.John Scotthttp://jes.blogs.shellprompt.netnoreply@blogger.com