Application Level Security for Oracle Database

Question

My company's HR system is hosted by a third party organisation and I have a read-only database user account for querying. This account has access to sensitive information such as pay tables so I can't allow this to be used by everyone in my team, and creating a new database user with restricted access (or any other change to the DB itself) isn't an option.

Does anyone know of a (preferably free) reporting program that can enforce restrictions at the application level rather than the database level, so that my team would log into the application and be restricted in the entities that they can access, but under the hood the application would use my database account to access the database?

This is an Oracle database and I currently use SQL Developer and Toad, but I can't see any way of achieving this with those applications.

Many thanks in advance. Dominic

Answer 1

If you want to control the access to the tables, you need to either do it in the database or do it yourself, you may try by creating a BI/Reporting tool yourself, where you can control who have access to what, but that's probably overkill, another solution could be to replicate the database, either without the sensitive tables (if they're not needed) or with the appropiate users and permissions, this will be the development database, then once you want to deploy to production, simply change the database log in details an use the real deal.

Or course this is assuming, that you want your team to develop reports with you, if you just want them to see the final reports and that they're unabel to modify them, there are other options.