Hi,
What would be the best work flow to allow for multiple Oracle Users when using a Bentley Map schema? For security reasons we would like each user to have a separate login when connecting to Oracle.
Regards,
Krister
Seperate logins, but using the same XFM Schema ? Or Seperate loginsdoing ad-hoc retrievals ( ie no XFM Schema). Is this Bentley Map or PowerMap ?
Bentley Map and several users, one schema.
/Krister
Owner consultant at Surell Consulting AB
Hi. I'll just try to add a little bit of information on top of the excellent help that Ian provided here. A dgn file is indeed a single-editor format. Each of your users should be using a different dgn file to query, edit and post data to Oracle. This shouldn't pose problem as when editing data in an Oracle spatial (or other) database the dgn is just a temporary copy of the data for editing.
I have never heard of locks staying in the database in the event that the software crashes, except if you are using Oracle's Workspace Manager functionality, therefore using long transactions with pessimistic locking mode. In that case yes, locks should survive sessions and you must release the locks and manage the versions.
Hope this helps,
Martin
Each user works in a temporary file and handeling multiple users in Oracle is what Oracle is all about. What I was hoping for was a nice create user script that handles all the grants that is neccessary. In GeoGraphics there was a menu option for creating an additional users (even if it some strange things). My guess is that Bentley Map also need some additional grants apart from the obvious to be happy.
The following is what I needed for read-only access to create a user that just have access to named tables. Please fill in with anything missing for a complete script for a full access user.
CREATE USER bm_user
IDENTIFIED BY bm_user
DEFAULT TABLESPACE user_data
QUOTA UNLIMITED ON user_data
TEMPORARY TABLESPACE temp
PROFILE default;
GRANT CREATE SESSION TO bm_user;
GRANT CREATE TABLE TO bm_user;
-- Select all relevant tables
GRANT SELECT ON XXX.TABLE1 TO BM_USER;
GRANT SELECT ON XXXX.TABLE2 TO BM_USER;
...
Does the user have to exist in USER_SDO_GEOM_METADATA?
Instead of doing that for each user, why not create a DB ROLE that assgns all the privs, and then grant the new user that ROLE ?
Tx.
Jerry
Absolutely!
But I still need to find out exactly what grants and tricks I need for a new, fully functional, Bentley Map user.
Krister,
You will first need to grant each user the required privileges for the table(s) and sequence(s) (if INSERT is required) object(s) from your master schema. Then view(s) are created with disabled primary key constraints that are named the same as the master table(s). Finally you would need to add the required metadata into the USER_SDO_GEOM_METADATA view, using the values from the same master table entries as seen from the ALL_SDO_GEOM_METADATA view.
For example, a SQL script similar to the following could be used.
Jeff Bielefeld [Bentley]
Hi Jeff,
Could it also be possible to use a synonym instead of a view? In the example, "create synonym my_table for master.my_table"?
I've just tested using synonyms instead of views and it seems to work just fine.