
how to force a user to access a view and not the base tables...


Bruce

Feb 8, 2012, 8:28:27 AM
Hi all -

DB2 V9.7.5 under AIX 6.1

I want to force users to do their SELECT etc statements against a view
and not against the underlying table(s) in that view.

Any ideas?

Tonkuma

Feb 8, 2012, 9:17:13 AM
Revoke all privileges for the tables.
And grant necessary privileges for the views.

Bruce

Feb 8, 2012, 10:38:44 AM
On Feb 8, 9:17 am, Tonkuma <tonk...@fiberbit.net> wrote:
> Revoke all privileges for the tables.
> And grant necessary privileges for the views.

How would that help? I wouldn't be able to get to the tables... I
want to simply enforce the rule: You MUST use the view and not select
on the base table.

Ian

Feb 8, 2012, 11:15:25 AM
This is a fundamental property of database security. If you grant
permission to a user to access a view, you are giving them the ability
to see the data in that view, even if that user can't read the base
table.
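
The approach from the replies above (no privileges on the base table, SELECT on the view only), sketched as DB2 SQL. This is an added example, not part of any post in the thread; the schema, table, view, column and user names are hypothetical.

```sql
-- Hypothetical names: schema APP, base table APP.ORDERS, view APP.V_ORDERS,
-- end user REPORTUSER. The view is created by an owner who keeps SELECT on
-- the base table.

-- 1. See who currently holds privileges on the base table.
--    GRANTEETYPE: U = user, G = group, R = role. PUBLIC appears as a group.
SELECT GRANTEE, GRANTEETYPE, CONTROLAUTH, SELECTAUTH,
       INSERTAUTH, UPDATEAUTH, DELETEAUTH
  FROM SYSCAT.TABAUTH
 WHERE TABSCHEMA = 'APP' AND TABNAME = 'ORDERS';

-- 2. Define the view over the base table.
CREATE VIEW APP.V_ORDERS AS
  SELECT ORDER_ID, CUSTOMER_ID, ORDER_DATE
    FROM APP.ORDERS;

-- 3. Remove direct table access. Revoke only from grantees that step 1
--    actually lists; revoking a privilege that is not held fails (SQL0556N).
--    ALL PRIVILEGES does not include CONTROL, so that is revoked separately
--    where step 1 shows it.
REVOKE ALL PRIVILEGES ON TABLE APP.ORDERS FROM USER REPORTUSER;
REVOKE SELECT ON TABLE APP.ORDERS FROM PUBLIC;

-- 4. Grant access through the view only. The user needs no privilege on
--    APP.ORDERS to query APP.V_ORDERS.
GRANT SELECT ON TABLE APP.V_ORDERS TO USER REPORTUSER;

-- 5. Verify: REPORTUSER should appear for V_ORDERS and not for ORDERS,
--    either directly or through a group or role it belongs to.
SELECT TABNAME, GRANTEE, GRANTEETYPE, SELECTAUTH
  FROM SYSCAT.TABAUTH
 WHERE TABSCHEMA = 'APP' AND TABNAME IN ('ORDERS', 'V_ORDERS')
 ORDER BY TABNAME, GRANTEE;
```

The view owner must keep SELECT on APP.ORDERS, and IDs holding DBADM or DATAACCESS authority can still read the base table regardless of these grants.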

gimme_this...@yahoo.com

Feb 8, 2012, 10:34:22 PM
Ideas...

I saw a write-up that made it where users had different resultsets
when selecting from the same table.

The example had someone in New York doing queries on a table who
shouldn't be allowed to see stuff in New Jersey.

And I saw a write-up just yesterday at IBM's site.

But just now I spent 5 minutes trying to find it and came up with
nothing :-)

The paper might have had to do with Transparent LDAP Authentication -
then maybe not. It wasn't a PDF white paper - it was HTML - like a
tutorial.

Helmut Tessarek

Feb 27, 2012, 4:50:56 PM
On 08.02.12 22:34 , gimme_this...@yahoo.com wrote:
> I saw a write-up that made it where users had different resultsets
> when selecting from the same table.
>
> The example had someone in New York doing queries on a table who
> shouldn't be allowed to see stuff in New Jersey.
>
> And I saw a write-up just yesterday at IBM's site.
>
> But just now I spent 5 minutes trying to find it and came up with
> nothing :-)

You are talking about LBAC (Label Based Access Control) and this won't help in
this situation.

--
Helmut K. C. Tessarek
DB2 Performance and Development
IBM Toronto Lab