April 2, 2008 at 7:58 pm
Guys,
I have 2 users emp_rw (read write) and emp_ro in the database through which application accesses the database.
Now I would like to replace this users with roles and assign emp_rw, emp_ro to roles. Which roles should be created -
database roles or application roles what is the difference between application and database roles.
currently I execute the below statement to grant rights on database objects to emp and emp_ro users, can this be changed
to grant rights to role instead of user.
grant execute on to emp_ro
Any suggestions and inputs would help.
Thanks
April 9, 2008 at 9:38 pm
You want to use normal database roles. Application roles must be specially enacted by a stored procedure. It sounds like the setup you have, that's not the way to go.
And as far as the GRANT rights are concerned, yes, it can be changed to the role without issue.
Also, once you make the users members of the appropriate roles, remember that you'll need to use REVOKE to remove the permissions from the users.
K. Brian Kelley
@kbriankelley
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply