On Thu, Nov 12, 2009 at 6:20 AM, Warren Smith <war...@wandrsmith.net> wrote: > > If this question would be more appropriate for django-users, please > let me know. I ask it here because I suspect that the answer to my > question may require someone with a fairly deep understanding of the > ORM internals. > > I have a legacy oracle database that I would like to use with the > Django ORM. Unfortunately, the security for this database is > implemented using oracle users and roles, making it necessary for each > user to have their connection to the database use their own > credentials, which translates into a connection for each user. > Although I can retrieve the credentials from the user and keep them in > session, it is not apparent to me how to configure the ORM to > appropriately use them. Unfortunately, changing the database security > model is not an option. > > The research I have done seems to indicate that this mode of operation > is not supported. > > Am I correct or am I missing something?
You're pretty much correct. Django assumes that it has a single trusted login to the database. > If it is not officially supported, is there a way it could be made to > work safely? We are already using a custom version of django 1.1.1, > so I'm not opposed to making some additional custom changes, though I > prefer to avoid them. I can't think of an easy way - connection is essentially a singleton in Django 1.1. However... > Alex and Russell, would the work you have done in the multi-db branch > have any bearing on this use case? Multi-db allows you to set up multiple database credentials; the usual reason for this is to split DB load across multiple database servers, but I don't see any reason you couldn't also use it to provide multiple connections to a single server, each with different credentials. So - you should be able to use the using() query operator to force a particular query to use a particular set of credentials (and thus a particular database connection). I haven't given this particular use case enough thought to make any comment on how the UI could be made cleaner. So far, we've been concentrating on the 'user accounts are on db X', sharding model X based on PK, and supporting master/slave replication as the end-user use cases that we want to satisfy. We'd certainly be interested in any input on ways to improve usability for the multi-credential case. Yours Russ Magee %-) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
