Folks,
In a customized struts framework with Hibernate in data layer, we've designed and implemented a user management, authentication and authorization system. Users may connect to this system and see some menus.
Beside this and some other security levels, we have to set a security policy on rdbms ROWS. There are some ways to do.
One, is to use Oracle Security Policy, abstract from hibernate.
Two, We save some conditions (where clause) on tables, for every user. When this user gets (or saves or ...) any data from a table, the where clause defined for this table/user would be added to this SQL.
Is there any way or any (class to implement/override) to reach to this automatically?
any comments about this design and solutions are welcome.
Thanks
Amin Emami
J2EE Architect
Sun Certified
|