Lot of time developers run big queries on prod from toad etc and screw up entire database .This is how you can enable filetrs on user machine ,tool etc . You can create a logon trigger at db level to restrict users to login from toad and sql developer .
create or replace TRIGGER block_toad
AFTER LOGON ON DATABASE
DECLARE
--Declare a cursor to find out the program
--the user is connecting with.
CURSOR user_prog IS
SELECT program,username FROM v$session
WHERE audsid=sys_context('USERENV','SESSIONID');
--Assign the cursor to a PL/SQL record.
user_rec user_prog%ROWTYPE;
BEGIN
OPEN user_prog;
FETCH user_prog INTO user_rec;
IF user_rec.program IN ('TOAD.exe', 'toad.exe','Toad.exe','TOAD.EXE','SQL Developer') and user_rec.username in ('APPS')
THEN
RAISE_APPLICATION_ERROR(-20001, 'You are not authorised to use **** as per policy in prod ');
END IF;
CLOSE user_prog;
END;
/
create or replace TRIGGER block_toad
AFTER LOGON ON DATABASE
DECLARE
--Declare a cursor to find out the program
--the user is connecting with.
CURSOR user_prog IS
SELECT program,username FROM v$session
WHERE audsid=sys_context('USERENV','SESSIONID');
--Assign the cursor to a PL/SQL record.
user_rec user_prog%ROWTYPE;
BEGIN
OPEN user_prog;
FETCH user_prog INTO user_rec;
IF user_rec.program IN ('TOAD.exe', 'toad.exe','Toad.exe','TOAD.EXE','SQL Developer') and user_rec.username in ('APPS')
THEN
RAISE_APPLICATION_ERROR(-20001, 'You are not authorised to use **** as per policy in prod ');
END IF;
CLOSE user_prog;
END;
/
No comments:
Post a Comment