Hi all,
We have an SEC requirement that all connections to our app's database be made with the credentials of the individual user who is logged in, not with the connection configured in the database.yml.
We know this is going to kill performance and have all kinds of undesirable side effects, but it's a hard requirement. Before we start digging into Rails internals to figure out how to hack this, has anyone else solved it?
BTW, our db is Oracle, in case anyone knows how to make the initial connection and then act on behalf of the user (as if we were connected to the db with that username) for each request.
Thanks so much for any ideas, Shifra Pride Raffel and Parker Thompson Pivotal Labs
