This week's book giveaway is in the OCMJEA forum. We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line! See this thread for details.
In oracle database there are three methods for implementing row/column level security :
- views and access control over these views.
- Virtual Private Database.
- Oracle Label Security.
But all of them use the user account utilized to logging into database.
The context of my question is :
user --> webServer --> EJBserver --> DataBase
In a application server (oracleAS, jobss, etc) you create a connection pool for connecting againts database. This connection pool utilize a predefined user/password for all the connection.
But each user use a different user/pass for logging into web application.
Is there any maner to implement row/level security in this context, using account utilized in web application inestead of account utilized in connection pool?