| Subject | Stored procedures and views |
|---|---|
| Author | Johannes Pretorius |
| Post date | 2004-07-13T10:32:19Z |
Good day
\=--=\=-=-\=-\
Considering that the view first does the query and then the
where passed will be implemented on the result . I need to ask the following.
If one uses a stored procedure to retrieve data based on the parameters passed
to it for the where clause one can get passed the view restriction.
SECURITY
========
Now the benefit of the view is that a user can have rights to the view but not the underlying tables
the view must just have rights to those tables.
My question is can this security feature also be implemented with stored procedures.
I have searched for a answer in the interbase docs but don't really get a solid answer.
PERFORMANCE ISSUE
==================
Now the second question is the performance for a stored procedure to return a result
against a normal query ? I believe that the normal query will be faster as the stored procedure
but I won't have the security.
Is there any other alternative or must we just decide what is the most important the security or the
speed and the chose ?
Thanks in Advance
Johannes Pretorius
----------
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.719 / Virus Database: 475 - Release Date: 12/07/2004
[Non-text portions of this message have been removed]
\=--=\=-=-\=-\
Considering that the view first does the query and then the
where passed will be implemented on the result . I need to ask the following.
If one uses a stored procedure to retrieve data based on the parameters passed
to it for the where clause one can get passed the view restriction.
SECURITY
========
Now the benefit of the view is that a user can have rights to the view but not the underlying tables
the view must just have rights to those tables.
My question is can this security feature also be implemented with stored procedures.
I have searched for a answer in the interbase docs but don't really get a solid answer.
PERFORMANCE ISSUE
==================
Now the second question is the performance for a stored procedure to return a result
against a normal query ? I believe that the normal query will be faster as the stored procedure
but I won't have the security.
Is there any other alternative or must we just decide what is the most important the security or the
speed and the chose ?
Thanks in Advance
Johannes Pretorius
----------
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.719 / Virus Database: 475 - Release Date: 12/07/2004
[Non-text portions of this message have been removed]