3 Configure Oracle Deep Data Security for Direct Logon with Local End Users
In this quick-start chapter, you learn how to configure Oracle Deep Data Security (Deep Sec) in an Oracle AI Database environment to enable direct logon for locally managed end users.
This is the simplest scenario to configure and is ideal for development and testing environments, or product demonstrations.
- Create a sample HR schema with employee records.
- Create end users (Marvin and Emma) with password authentication.
- Create data roles and grant them to the end users.
- Define data grants to enforce role-based access control, so Marvin and Emma see only the data they are authorized to access.
- Validate the configuration by logging in as each user and querying the protected table.
No external identity and access management (IAM) system, TLS configuration, or application is required. End users authenticate directly to the database using their user name and password.
Note:
For a sample script that runs this entire scenario, see Scripts for Direct Logon with Local End Users.Overview of tasks
| Task | Topic |
|---|---|
|
Review prerequisites |
|
|
Create a sample HR schema and populate it with employee records |
|
|
Create local end users with password authentication |
|
|
Create data roles and grant database privileges |
|
|
Define data grants to enforce row-level and column-level access control |
|
|
Log in as each user and verify role-based data access |