I know that you can grant access on a table whether it be select, update, delete, etc, and I know that to keep from granting access to a table you can use procedures and grant execute rights to the procedure.
Our situation is that we want to use procedures for security, but the procedures select data to populate a form and then update if applicable. We had talked about granting select to the tables by using a role since anyone can view the data, and then using procedures to update the tables. The only problem is that if we grant select to the tables and the application executes the procedure within it, the procedure will not be found and even the select will not happen.
Could some of you share how you handle security? Am I missing something with tables/procedures? Any ideas would be appreciated. We are just beginning development and need to have a handle on how we are going to do this.
Thanks,
Laura
