My team is using Oracle Membership Provider to help manage users for a .NET 4, MVC3 web application. We've recently discovered that our client insists that the schema owning the objects be different from the schema/user the web app uses to connect to the database. Granting permissions to a second schema is not a problem, but how can we configure the Membership Provider to look in a different schema than the connecting user for its tables, functions, etc.?
Synonyms appear to be the only answer. We are not using all of the Membership Provider's functionality, but the following query seems sufficient to generate the synonyms we need:
DECLARE
CURSOR ora_obj_rows IS (SELECT * FROM ALL_OBJECTS WHERE OWNER = '&owner_user' AND OBJECT_NAME LIKE 'ORA_ASPNET%' AND OBJECT_TYPE IN ('TABLE', 'PACKAGE', 'FUNCTION'));
BEGIN
FOR ora_obj IN ora_obj_rows
LOOP
EXECUTE IMMEDIATE 'CREATE SYNONYM "' || '&login_user' || '"."' || ora_obj.OBJECT_NAME || '" FOR "' || '&owner_user' || '"."' || ora_obj.OBJECT_NAME || '"';
END LOOP;
END;
/
&owner_user and &login_user are parameters filled in at execution time. (Since we're using scripts, we DEFINE them above.) The user executing this query will need to be able to see the objects in ALL_OBJECTS and have rights to create a SYNONYM on the login user. Additionally, appropriate read and write privileges will need to be granted on these objects.
If someone else has something better, I will gladly mark it as an answer.