What is middleware? Is it similar to stored procedure? That what I have been doing. I have revoked all permissions from mydb schema from public and have SECURITY DEFINER enable for stored procedure to allow creating/droping/altering tables.
Thanks. On Tue, Mar 9, 2010 at 12:19 PM, John R Pierce <pie...@hogranch.com> wrote: > dipti shah wrote: > >> I don't want users to create/drop/alter anything directly. They have to >> use stored procedure for everything. The stored procedure creates logging >> tables and stores many other auditing information so it is madatory to >> prevent users from running any direct commands. >> >> > > may be you should use middleware instead and not let your users connect > directly to SQL at all. > > so, any DDL changes, you'd call the middleware server, it would > authenticate the user, decide whats allowed, maintain your audit trail, > logging, etc. ditto, any operations that require database queries, etc, > would all be done by this middleware. > > > > >
