APEX

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

APEX and Row Level Security (RLS)

Harry83Apr 26 2010 — edited May 3 2010

What is the way to get around the problem that prevent application express to use oracle row level security (RLS)?

Currently all sql executions are carried out under APEX application schemas on behalf of application end users. In other words, the application is executed under "definer" rather than associated with the privileges of currently end users.

Therefore, when you try to access to the data protected by RLS, RLS checks the privileage of of APEX application schema rather than the end user. This could represent a security hole when using APEX.

Is it possible to use pl/sql concept of “current user” to deploy the apex application under current user’s security privileges to execute related sql statements.

Edited by: user3935570 on 27/04/2010 15:08

Locked Post

New comments cannot be posted to this locked post.

Locked on May 31 2010

Added on Apr 26 2010

#apex-discussions

8 comments

3,367 views