Using beforeTrigger to implement VPD security model - any suggestions?
Hi,
I'm investigating using the beforeTrigger in a data set to implement VPD security. The idea is that a parameter containing the username would be passed to the beforeTrigger pl/sql function to set the user context for that database session. I got this to work in a small prototype, but ran into a couple of what seem to be significant restrictions.
1) The pl/sql package I name in the dataTemplate defaultPackage must contain a global variable for each report parameter. In my case I'm passing the username to the pl/sql method as an bind variable argument, so I don't need/want any global variables. This is a major problem as we will have lots of reports all with different parameters. I want to bind the parameters using the :PARAM bind variable in the queries themselves.
Is there a way to avoid having to make each parameter a global variable?
2) We will need the ability to call various pl/sql packages in different reports. The following ER makes it sound as if this is not possible - but I haven't actually tested it out:
Bug# 6472921 - ALLOW FUNCTION CALL OUTSIDE OF DEFAULT PACKAGE IN DATA TEMPLATE
Is it required that all of the pl/sql calls for a data set be within the same pl/sql package?
I've included my dataTemplate below for reference.
If anyone has experience establishing VPD security for a data set using this technique or another, I'm interested in hearing what you recommend.
Thanks,
Leslie
<dataTemplate name="TARGET_DATA_TEMPLATE" defaultPackage="MGMT_IP">
<properties>
<property name="debug_mode" value="on"/>
</properties>
<parameters>
<parameter name="EMUSER" dataType="character" defaultValue="THREE"/>
</parameters>
<dataTrigger name="beforeReport" source="MGMT_IP.IPSETUSERCONTEXT(:EMUSER)"/>
<dataQuery>
<sqlStatement name="Q1">select TARGET_TYPE as TARGET_TYPE, TARGET_NAME
as TARGET_NAME from mgmt$target order by TARGET_TYPE</sqlStatement>
</dataQuery>
<dataStructure>
<group name="G1" source="Q1">
<element name="TTTYPE" value="TARGET_TYPE"/>
<element name="TNAME" value="TARGET_NAME"/>
</group>
</dataStructure>
</dataTemplate>
Hi Leslie,
Step 1.
Setup the VPD policy in database,
Create some proxy users, and create data sources and try querying, by login in with the different users.
You should be able to get the different results based on user logged in.
Step 2:
Package in data template.
for each report, you need to create separate package.
And the parameters in the report should be declared as Global variables in the report.
And once the trigger calls the package, then i guess, package has control to call other packages inside the database.
You can write all the function in the default package.
Is it required that all of the pl/sql calls for a data set be within the same pl/sql package?
I guess, yes as of now. if you need anything outside this default, you can call them in the default package like a wrapper may be.
This is what i can think right now.
Will try my luck on this and let you know :) in details.
Similar Messages
-
Safari won't open on my Macbook (Mavericks v 10.9.2). I get a message that "Safari quit unexpectedly while using the librooksbas.dylib plug-in". Any suggestions? Thanks.
Uninstall Trusteer software.
http://www.trusteer.com/support/uninstalling-rapport-mac-os-x -
When I try to delete page(s) from a PDF document I created, I geth the following message: "One or more pages are in use and could not be deleted." Any suggestions?
I sent an email to TerraGo Support and they sent the following response: "This has bug has been discovered and our development team is quickly creating a patch to resolve the problem. The patch should be available within a week or two. For your reference, the bug number assigned to this case is: 3620. Check back in about two weeks and hopefully the patch will be available. Again, I apologize for the inconvenience."
-
My iPhone 5 with 6.1.2 is draining the battery in 4 hours with little use. It has just started. Any suggestions? Any apps that are known to cause a problem? I recently loaded Fantastical and Cobook (since deleted).
hello if you dubble tap the home button and see if thare are app if so delete the. if your still haveing problem then turn the britness down. and if that duse not work you must have gottin a defective battery
-
When I try to sign in the iCloud it says " the maximum number of free accounts has been used" or something to that affect. Any suggestions ?
Sure. You can do it on a Mac at the following website: https://appleid.apple.com/account
-
I am having trouble with my JAVA Applet. It isn't functioning on SAFARI. It seems to have stopped working and I used it on SAFARI last year. Any suggestions?
Post in the Safari forum area.
-
Someone else is using my email address as I'd, any suggestions?
Are you sure it isn't you? Apple sends e-mail to the address provided which means that even if somebody did have the wild idea of signing up for an account with an address that isn't theirs, it would just end up with you receiving their e-mail and essentially being able to take over their account.
By the way, "I'd" = "I would". I.D. = "Identity". -
Hi, I recently upgraded to OX X Mountain Lion, and now I cannot upload any of my pictures from iphoto or even my desktop to email, etc. After I choose my file and hit "attach file" to upload, it says: "Invalid File Specified". I am using jpg, so I'm confused. Any suggestions?
Not having a media card in your BlackBerry may affect your ability to transfer media files onto it. There is a file size limit of 2.86MB when transferring files into device memory. http://bbry.lv/9XNuy0
Have you verified that the applications you are trying to install are supported by your current wireless provider? Unlocked devices from one provider may not have full functionality on another network.
-FS
Come follow your BlackBerry Technical Team on Twitter! @BlackBerryHelp
Be sure to click Kudos! for those who have helped you.
Click Solution? for posts that have solved your issue(s)! -
Hi Chaps, When I connect a USB although it appears on my desktop it does not now appear in the finder(It used to) ,so I cannot export photos, any suggestions would be wonderful
Thanks SueFrom Finder menu select Preferences -> Sidebar tab, and tick External disks
-
Screen on my iPhone 5 is unresponsive. Factory reset, and everything. No light at all, nothing. I can still use Siri to do everything though. Any suggestions?
Basic troubleshooting from the User's Guide is reset, restart, restore (first from backup then as new). Try each of these in order until the issue is resolved.
If basic troubleshooting does not resolve the issue, take the device to Apple for evaluation and possible replacement. -
I have 2 apple ID and I need to get rid of one to use icloud on my iphone and ipad. any suggestion?
I have 2 apple ID and I need to get rid of one to use icloud on my iphone and my ipad. Any suggestion?
Hi Pierre,
There's no way to merge them yet, so all you can do now is make 1 of them the master ID for iCloud. You have to continue to use the other for previous iTunes, Mac App Store updates. Have you read:
Apple IDs and iCloud
Al -
I was able to sync to itunes using IPod Touch, now not able too, any suggestions?
I am unable to sync to Itunes via my IPod Touch. I have been able to until I recently needed to restore my music using Norton's backup and restore. I am able to accesss picture and everything else, just not abel to sync. I have removed all itunes programs, and downloaded again to my computer under Windows 7, 64 bit., but still not able to sync. Getting error 'Itunes could not connect to this IPOD because an unknown error occurred, 0XE800000A'. I have changed out USB cables, but ths did not work. any suggestions?
Did you follow all suggestions mentioned here: iPhone, iPad, iPod touch: Unknown error containing '0xE' when connecting including reinstalling iTunes and checking that Apple Mobile Device Service is still active? iPhone and iPod touch: How to restart the Apple Mobile Device Service (AMDS) on Windows XP and Vista
-
Just downloaded the latest version of iTunes, but can't find "Power Search" anymore to locate specific songs or artists quickly? "Browse" takes waaay too long. Any suggestions?
http://www.apple.com/feedback/kaywerty wrote:
A rather long winded way of asking if anybody knows if it's possible to have multi-windows open
It's not possible.
Suggestions here -> Apple Product feedback -
Hi I've just installed OS X Yosemite Version 10.10.2 - My Apple USB Keyboard will no longer work. Any suggestions? (iMac Retina 5K, 27inch Late 2014) Thanks.
Hi, thanks for the assist. Looks like there is a glitch in the new software, as I did as you suggested, removed other USB devices, powered off. Then plugged in the keyboard - re started and hey presto it worked. Thanks v.m.
-
I would appreciate any suggestions you might have. I did not back up my IPhone4 - stupid on my part. It just quit the other day. It is in a coma. I have tried recharging and rebooting to no avail. My greatest concern are several pictures that I cannot replace. Is their an internal sim card that perhaps could be recovered. I need to return the phone to Verizon as they mailed me a replacement due to the fact that no one at the local Verizon store could awaken the phone. Please help if you have ANY suggestions! Of course, i will backup everything in the future - just hoping for a chance with these pics and contacts.
I ceaned the fan, the computer shuts down when I hit ENTER after logging in (again, i have a password set)
I did manage to do a a start-up repair w/out the comp shutting down half way through. This was in the detailed diagnosis and repair:
Root Cause Found:
Boot critical file d:\windows/system32\kdcom.dll is corrupt.
Repair action: File Repair
Result: Failed. Error Code= 0x490
Time Taken:5460ms
Repair Action: system restore
result: Completed successfully. Error Code= 0x0.
I also get a message::
Windows cannot repair this computer automatically.
If you have recently attached a device to this computer, such as a camera or portable music player, remove it and restart your computer. If you continue to see this message, contact your system administrator or computer manufacturer for assistance.
**any of this help you??**
I appreciate your help!!
Maybe you are looking for
-
How to add photos to iPad and iPhone from my Mac?
I have an iPad 2 and an iPhone 4. I have downloaded and installed the new OS for them, and I run iTunes 11.0.1 on my Mac. I can no longer find a way to sync photos from my Mac to either device. Why no photos tab on 11.0.1?
-
Finder is slow, it took me about 30 sec to open a folder
I just bought the new mac mini two days ago, this problem occured just now. Now it took me more than 30 seconds to open a folder. The only think I could think about which might cause this problem is that I try to share the DVD drive on my mac book pr
-
Hi, I've been asked if there's a way to do an export of a regular Oracle table in XML format. I've been researching, but I'm still unclear. Is there a way to perform an export of an Oracle table in XML format? Also, would the reverse work with import
-
WebDav and full paths bypassing authentication?
Heyas, Why would a WebDav share allowing me to download a file, without authentication, if I type in the full path to the file? This is in browser by the way; "Connect to server" requires authentication either way. Example: http://dav.url.com/test w
-
WAP4410N Limit to wireless web views?
Greetings of the day: Hello, I have a client who has three WAP4410N Firmware V 1.0.12 and Hardware Rev.12 all connected to an RVS4000 as a gateway, when using wireless clients to access wirelessly the management interface of all three only two open,