MySQL Forums
Forum List  »  Stored Procedures

shared server and stored procedure access
Posted by: olu omo
Date: August 08, 2008 06:12AM

For a mysql shared server database account, I recently created an additional mysql login account added to a database. This new account is supposed to only have the privilege of calling stored procedures of the database, and nothing more. The reason is to allow the user to not have to use his admin account in his standalone java program (passed to many people) that connects to the database. The account called danny was created as follows:

CREATE USER 'danny'@'localhost' IDENTIFIED BY '3843wdd4';
GRANT EXECUTE ON mysqldb.* TO 'danny'@'localhost' IDENTIFIED BY '3843wdd4';

The user receives this error when trying to use stored procedures under the danny account: User does not have access to metadata required to determine stored procedure parameter types. If rights can not be granted, configure connection with "noAccessToProcedureBodies=true" to have driver generate parameters that represent INOUT strings irregardless of actual parameter types.

This error comes from not being able to see mysql.proc for his database. The suggested solution to use "noAccessToProcedureBodies=true" almost works, but has an inhibiting problem. Whenever any of those now INOUT parameters are a decimal type but are null, I receive this error: "Incorrect decimal value: 'null' for column 'XXXXX' at row 1".

It would be nice to simply invoke the statement below but that would give danny access to the stored procedure table, but that would be giving him access to the shared procedures of every account on the shared server (even more power than the admin account the user uses to manage his specific database):
GRANT SELECT ON mysql.proc TO 'danny'@'localhost';

Does anyone have any suggestions? I have not found anything googling and searching forums over last 3 days.

Options: ReplyQuote

Written By
shared server and stored procedure access
August 08, 2008 06:12AM

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.