Categories
- All Categories
- 15 Oracle Analytics Sharing Center
- 14 Oracle Analytics Lounge
- 214 Oracle Analytics News
- 42 Oracle Analytics Videos
- 15.7K Oracle Analytics Forums
- 6.1K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 78 Oracle Analytics Trainings
- 14 Oracle Analytics Data Visualizations Challenge
- Find Partners
- For Partners
Unable to restrict schema access for specific user in OAC
Use Case:
I want to create a connection for a single user schema in ADW. The goal is that when the user creates a dataset, they should only see the tables from their specific schema and not from other schemas.
Details:
- Approach 1:
I tried creating a connection by providing the username and password for the specific user whose schema I want to display. For authentication, I selected the default option, "Always use the credentials." However, when I attempted to create a dataset, I could see all schemas in ADW, not just the user’s schema. - Approach 2:
I provided the username and password for the specific user again but selected the "Require users to enter their own credentials" authentication option. When I tried creating a dataset, it prompted me for a username and password. I entered the ADW username and password (for the schema I want to access), but it gave an "invalid credentials" error.
Questions:
- With Approach 1, is it possible to limit the connection to only show the schema for the specified user?
- With Approach 2, am I using the correct username and password, or is it expecting different credentials to access the schema?
Answers
-
Hello @Rashmi Jadhav-Oracle ! Thank you for getting in touch. Is this a function you are trying to carry out in your own OAC environment or via the Oracle Analytics Data Visualization Challenge instance?
0 -
I am trying it in my OAC environment.
0 -
@Rashmi Jadhav-Oracle understood!
If this is a general question about the use of OAC rather than a question around the Data Visualization Challenge, I would recommend moving your question to another forum. Once you confirm that is the case, I will move your question to a channel where you will get a swifter response.
Does that work for you?0 -
Yes, that would work for me.
Thank you.
1 -
Rashmi, saw this and just trying to help…this behavior would be totally consistent with the Oracle user having DBA privileges. It may be as simple as that. On a development box, I often have DBA privileges because it's just easier, but that gives my user access to all schemas. I suspect the behavior of being able to see all schemas instead of just the user's schema has something to do with the rights being GRANTed to that user.
Dan Vlamis
0 -
The question isn't an OAC question, but an Oracle database question: OAC doesn't do anything the database user isn't allowed to do. OAC doesn't have any special access or extra features to display things the user itself can't see in the database.
If you didn't configure the database user wrongly, it can see the other schemas, but can't use the objects they contains. Speak with your DBA and ask them to restrict the grants of the database account you use the maximum they can (or check if it isn't already the case). Seeing all the existing schemas I believe it is a default thing in the database, but again: you see them, but you can't touch them.
0 -
Thanks @Gianni Ceresa and @Dan Vlamis, I checked and it was a database grant issue, which is now fixed.
Regarding my second question on Approach 2, do you have any insights on what username and password are expected? Is it the DB username and password?
0 -
Rashmi, I believe it is the Oracle DB credentials that are to be used—specifically, the DB username and DB password. BUT, the software can seemingly get confused, and the error messages are often misleading or cryptic, perhaps intentionally, because after all, it is security after all. I'll let Gianni answer in case he sees it differently.
Dan.
0
