dipti shah wrote:
> I don't want users to create/drop/alter anything directly. They have
> to use stored procedure for everything. The stored procedure creates
> logging tables and stores many other auditing information so it is
> madatory to prevent users from running any direct commands.
>
may be you should use middleware instead and not let your users connect
directly to SQL at all.
so, any DDL changes, you'd call the middleware server, it would
authenticate the user, decide whats allowed, maintain your audit trail,
logging, etc. ditto, any operations that require database queries, etc,
would all be done by this middleware.