Manualshelf

Corporation Network Router User Manual

ManualsBrandsOracle ManualsNetwork RouterOracle Database B10772-01
301302303304305306307308309310
About Using Shared Schemas for Enterprise User Security
Getting Started with Enterprise User Security 11-19
About Using Shared Schemas for Enterprise User Security
The following sections describe shared schemas, and how to set them up:
Overview of Shared Schemas Used in Enterprise User Security
How Shared Schemas Are Configured for Enterprise Users
How Enterprise Users Are Mapped to Schemas
Overview of Shared Schemas Used in Enterprise User Security
Users do not necessarily require individual accounts or schemas set up in each
database. Alternatively, they can connect to a shared schema and be granted access
to objects that are associated with target applications. For example, suppose that
users Tom, Dick, and Harriet require access to the Payroll application on the
Finance database. They do not need to create unique objects in the database, and
therefore do not need their own schemas, but they do need access to the objects in
the Payroll schema.
Oracle Database supports mapping multiple users stored in an enterprise directory
to a shared schema on an individual database. This separation of users from
schemas reduces administration costs by reducing the number of user accounts on
databases. It means that you do not need to create an account for each user (user
schema) in addition to creating the user in the directory. Instead, you can create a
user in the enterprise directory, and map that user to a shared schema which other
enterprise users can also be mapped to. For example, if Tom, Dick and Harriet all
access both the Sales and the Finance databases, you do not need to create an
account for each user on each of these databases. Instead, you can create a single
shared schema on each database, such as GUEST, that all three users can access.
Then individual access to objects in the Sales or Finance database can be granted to
these three users by using enterprise roles. A typical environment can have up to
5,000 enterprise users mapped to one shared schema and each user can be assigned
a set of enterprise roles.
Oracle recommends that you create a separate shared schema that contains no
objects to use as an entry point. Then grant access to application objects in other
schemas through enterprise roles. Otherwise, application objects can be
inadvertently or maliciously deleted or altered.
In summary, shared schemas provide the following benefits:
Shared schemas eliminate the need to have a dedicated database schema on
each database for each enterprise user.