08-14-2015 12:51 PM
I am wondering how would I set up the SAS 9.4 metadata security implementation dynamically.
I have defined users (added into groups) >Groups, then Permission granted to groups on folders and Oracle library TEST(the Same user are part of Groups at OS level to ownership with W permission)
example: IT group and SALE group users are in the system.
TEST Library should be accessed by IT group users, not for SALE Group Users.
For this i have granted RM & R permissions to IT group and Deny for SALE - its working as well.
Oracle DB has role component with in it.
If user from IT group want to access TEST library that should be go to Oracle Role table to do validation if that user has permission to access TEST library then allow to access, it not then no access to that user.
is this possible with SAS? Would you please suggest how to implement if possible?
08-15-2015 02:24 PM
SAS Metadatasecurity in control over Oracle security who has told sold that idea?
Opening on Oracle with shared generic user is bypassing overruling Oracle.
Orcale has his own security you could connect that to LDAP and than defnining a trust. Still needing to define the user into Oracle in the same way as at the OS level.
With the indentities present in Oracle the DBA can define the roles access and logging as Oracle security is meant to be.
08-26-2015 04:55 PM
Thank you very much and i have convinced the same message with my customer. But i want to double check with experts.
Thank you very much.