Hello, I'm new to oracle, but familar with J2EE serverside. I do research trying to answer the question: What options do Oracle provide to implement authorization in oracle forms 10g. I understand how authentication is done using OID and oracle SSO services. But after successfull login how to protect specific parts of GUI forms based on user's role. Classic approach is to store the authorization information in oracle DB. Are there any alternatives? For example, what if I'd like to store authorization configuration in some single LDAP server lets say the same OID?

Any suggestions?