logon trigger

Hi all

I need help to create the logon trigger. Help, please... Here are the details.

I have a name like "TEST" userid and 50 users are using the same username name to connect. I would like to limit some users read only the single task and some users to read the writing task using the same user name 'TEST '. I have all the machine name of 50 users. The logon trigger to control the permission(readonly/readwrite) according to the name of the computer at the time of the connection. Please help write the trigger. Thanks in advance.

Kind regards
Manon

Since you know the host names for 50 users, you can create the logon trigger to learn namespace and the setting via SYS_CONTEXT.

For example, SELECT SYS_CONTEXT ('USERENV', 'HOST') of double;

You will need to test for the hosts that you want to allow to read and write over the hosts that you want to only allow reading. To set read-only compared to the privileges of reading / writing, I suggest to create two roles respectively and based on the condition, set the role for the session.

CREATE THE TRIGGER
...
l_host VARCHAR2 (128);
BEGIN
SELECT SYS_CONTEXT ('USERENV', 'HOST') IN the double l_host;
IF l_host IN (list of hosts for read-only)
-series playback only
READ_ONLY_ROLE ROLE PLAY;
ON THE OTHER
READ_WRITE_ROLE ROLE PLAY;
END IF;
END;
/

Tags: Database

Similar Questions

When clause is missing from the logon trigger

I have a questions that looks very similar to 14840619 of Bug - FORUM - RELAXATION-CLAUSE WHEN NOT WATCH if ONLY a BASIC USER PRIVILEGES
Assuming that SCOTT is a DBA and it issues the following command to create a logon trigger.
CREATE OR REPLACE TRIGGER "SYSTEM". "SCOTT_LOGON_TRG" AFTER LOGON ON DATABASE.
WHEN BEGIN (USER in ("SCOTT"))
RUN IMMEDIATELY 'ALTER SESSION SET EVENTS "TRACE NAME CONTEXT FOREVER, LEVEL 12 10046" ';
END;
/
ALTER TRIGGER 'SYSTEM '. "" SCOTT_LOGON_TRG "DISABLE;
The trigger is created successfully.
When you view the trigger of the developer sql code I don't see the WHEN clause.
IM using sql developer version 4.0.1.14 (Build hand 14.48) 64-bit on Windows 7
Is this a known bug?
Thank you

I created a service request with the support of the Oracle, and they were able to reproduce the issues.

Here is the related bug number

Bug 18603106 : WHEN CLAUSE is MISSING THE LOGON TRIGGER

Logon trigger does not not on DB-Link?

Hi all
I have a serious question on the table access via a database link.
I have three schemas:
DATA@SOURCE
INTERFACE@SOURCE
WORK@TARGET
DATA schema has a table called T1
The scheme of the INTERFACE has select privileges on all the DATA tables. In addition, INTERFACE schema has a logon trigger change the "current schema" data:
```
CREATE OR REPLACE TRIGGER TRG_A_LOGIN_SET_SCHEMA AFTER LOGON
ON INTERFACE.SCHEMA
BEGIN
execute immediate 'ALTER SESSION SET CURRENT_SCHEMA = DATA';
END;
```
The scheme of WORK has a link database to the schema of the INTERFACE called INT_DB_LINK.
I am now logged in the scheme of WORK on the TARGET database and I will execute following statement:
```
select a from T1@INT_DB_LINK
```
-> it works
Then I run
```
declare
  cursor c is  
  select a
    from T1@INT_DB_LINK
   where rownum<2;
begin
  for r in c loop
    null;
  end loop;
end; 
```
It does not work. Error message is ORA-000942: table or view does not exist.
But why?
Can someone help me?
Thanks in advance
Py

Hi all

After a long, very long search I found what caused this strange behavior.

The error ORA - was not triggered by the SQL execution engine, but by the SQL-parser/SQL-Validation.

The second statement is that an anonymous block of SQL Oracle parser checks all the dependencies of objects before execution.

This means that a connection is established to the TARGET to SOURCE checking if table T1 is available. The strange thing is

that, in this respect the "ALTER SESSION" trigger is not fired. If the Analyzer does not find the object T1 in schema INTERFACE.

If I create an empty table T1 in INTERFACE the anonymous block gets analysis/validated and the statement is executed. But this

time the block made a normal life 'connect session' and the trigger is triggered. This means that statements access table T1

DATA schema. (But T1 in the INTERFACE should be existing this analysis/validation works)

I don't know if it's a bug or a feature.

To work around this I created private synonyms in the diagram pointing to DATA objects INTERFACE.

Thanks for your help!

Py

------

regarding the other question:

Yes, the permissions are granted on a role.

In NLS_SESSION_PARAMETERS logon trigger does not

Hello

I have a problem with a logon trigger setting session parameters:

create or replace
TRIGGER standard.after_logon_trg
AFTER LOGON ON STANDARD.SCHEMA
BEGIN
  DBMS_APPLICATION_INFO.set_module(USER, 'Initialized');
  EXECUTE IMMEDIATE ('ALTER SESSION SET current_schema=standard');
  EXECUTE IMMEDIATE ('ALTER SESSION SET NLS_DATE_LANGUAGE=''AMERICAN''');
  EXECUTE IMMEDIATE ('ALTER SESSION SET NLS_TERRITORY=''AMERICA''');
  EXECUTE IMMEDIATE ('ALTER SESSION SET NLS_TIMESTAMP_FORMAT=''HH24:mi:ss''');
  EXECUTE IMMEDIATE ('ALTER SESSION SET NLS_DATE_FORMAT=''YYYY-MM-DD''');
  EXECUTE IMMEDIATE ('ALTER SESSION SET NLS_COMP=LINGUISTIC');
  EXECUTE IMMEDIATE ('ALTER SESSION SET NLS_SORT=BINARY_CI');
  insert into standard.testcc (bezeichnung, datum) values ('logontrigger', SYSDATE);
END;

After I connect, the new row is added to the table, but the session parameters are completely intact.
Select * from NLS_SESSION_PARAMETERS says:

NLS_LANGUAGE     GERMAN
NLS_TERRITORY     GERMANY
NLS_CURRENCY     €
NLS_ISO_CURRENCY     GERMANY
NLS_NUMERIC_CHARACTERS     ,.
NLS_CALENDAR     GREGORIAN
NLS_DATE_FORMAT     DD.MM.RR
NLS_DATE_LANGUAGE     GERMAN
NLS_SORT     GERMAN
NLS_TIME_FORMAT     HH24:MI:SSXFF
NLS_TIMESTAMP_FORMAT     DD.MM.RR HH24:MI:SSXFF
NLS_TIME_TZ_FORMAT     HH24:MI:SSXFF TZR
NLS_TIMESTAMP_TZ_FORMAT     DD.MM.RR HH24:MI:SSXFF TZR
NLS_DUAL_CURRENCY     €
NLS_COMP     BINARY
NLS_LENGTH_SEMANTICS     BYTE
NLS_NCHAR_CONV_EXCP     FALSE

If I run the ALTER SESSION statements in the sql (standard user) console, they work perfectly, so this seems to be without end of permission.

Which is wrong with the trigger?

Thanks and greetings
Christian

Published by: 853536 on 20.04.2011 00:31

OK, I traced the entire database and discovered that my settings are overwritten. So after that my trigger has been executed, the NLS Session parameters are changed, for example:

=====================
PARSING IN CURSOR #4 len=386 dep=0 uid=40 oct=3 lid=40 tim=4721509708 hv=302297662 ad='ab275c28'
select parameter,value from nls_session_parameters 
 union all SELECT 'DB_TIMEZONE' name, DBTIMEZONE  value FROM DUAL 
 union all SELECT 'SESSION_TIMEZONE' name, SESSIONTIMEZONE value FROM DUAL
 union all SELECT 'SESSION_TIMEZONE_OFFSET' name, TZ_OFFSET(SESSIONTIMEZONE) value from DUAL
 union all SELECT parameter, value FROM nls_database_parameters WHERE parameter='NLS_CHARACTERSET' 
END OF STMT
PARSE #4:c=0,e=3962,p=0,cr=4,cu=0,mis=1,r=0,dep=0,og=1,tim=4721509705
EXEC #4:c=0,e=21,p=0,cr=0,cu=0,mis=0,r=0,dep=0,og=1,tim=4721509816
FETCH #4:c=0,e=111,p=0,cr=0,cu=0,mis=0,r=10,dep=0,og=1,tim=4721509976
FETCH #4:c=0,e=132,p=0,cr=0,cu=0,mis=0,r=10,dep=0,og=1,tim=4721510598
FETCH #4:c=0,e=204,p=0,cr=3,cu=0,mis=0,r=1,dep=0,og=1,tim=4721511118
STAT #4 id=1 cnt=21 pid=0 pos=1 obj=0 op='UNION-ALL  (cr=3 pr=0 pw=0 time=264 us)'
STAT #4 id=2 cnt=17 pid=1 pos=1 obj=0 op='FIXED TABLE FULL X$NLS_PARAMETERS (cr=0 pr=0 pw=0 time=128 us)'
STAT #4 id=3 cnt=1 pid=1 pos=2 obj=0 op='FAST DUAL  (cr=0 pr=0 pw=0 time=1 us)'
STAT #4 id=4 cnt=1 pid=1 pos=3 obj=0 op='FAST DUAL  (cr=0 pr=0 pw=0 time=0 us)'
STAT #4 id=5 cnt=1 pid=1 pos=4 obj=0 op='FAST DUAL  (cr=0 pr=0 pw=0 time=1 us)'
STAT #4 id=6 cnt=1 pid=1 pos=5 obj=96 op='TABLE ACCESS FULL PROPS$ (cr=3 pr=0 pw=0 time=194 us)'
=====================
PARSING IN CURSOR #3 len=41 dep=0 uid=40 oct=42 lid=40 tim=4721512239 hv=2321140216 ad='ab275184'
alter session set NLS_TERRITORY='GERMANY'
END OF STMT
PARSE #3:c=0,e=329,p=0,cr=0,cu=0,mis=1,r=0,dep=0,og=1,tim=4721512236
EXEC #3:c=0,e=48,p=0,cr=0,cu=0,mis=0,r=0,dep=0,og=1,tim=4721512424
=====================
PARSING IN CURSOR #2 len=35 dep=0 uid=40 oct=42 lid=40 tim=4721513208 hv=2785092162 ad='ab274e88'
alter session set NLS_SORT='GERMAN'
END OF STMT
PARSE #2:c=0,e=283,p=0,cr=0,cu=0,mis=1,r=0,dep=0,og=1,tim=4721513205
EXEC #2:c=0,e=20,p=0,cr=0,cu=0,mis=0,r=0,dep=0,og=1,tim=4721513370
=====================
...

This explains why they are crushed, but I still don't know why the session parameters are changed after my trigger at all. Any idea?

Published by: 853536 on 20.04.2011 01:24

Problem solved: I was using Oracle SQL Developer to change my trigger and try it - and Developer SQL seems ovewrite the NLS_Session settings. Duh.

Published by: 853536 on 20.04.2011 02:04

Yes, SQL Developer usually replace the settings. It should not do this if you go to tools-> Preferences-> database-> NLS and mark 'Skip NLS Settings'.

But any program using JDBC OCI will also replace most of the settings. Therefore, don't rely on the database to set the NLS parameters. It's applications to properly prepare the environment of the NLS (if the standard initialization based on the settings of operating system and/or NLS_LANG is not satisfactory).

-Sergiusz

index and a nls settings logon trigger

Hello world

We had a problem with the index. A few months ago the client asked us to modify the application so that all searches are case insensitive and independent of diacritics (i.e. treat all non-ASCII as their equivalent ASCII - for example 'a' characters should be considered equal to 'a' etc.). We decided to create a simple LOGON trigger, which sets some parameters, NLS session for a given user (namely NLS_COMP = LINGUISTIC and NLS_SORT = CZECH_AI).

This solution works, either it does what the customer has asked for, but I noticed there are problems with the index. Suddenly some of them are not used, so there is many unnecessary sequential scans of large tables (millions of rows), which influences the performance badly and that takes a lot more time. I believe that this is caused by the index created with the original, different from those current NLS parameters.

Am I wrong? And how to fix it? I was able to recreate all the indexes, but is it possible to find what indexes are affected by this problem, or not?

concerning
Tomas

I don't think your alter session modification statement will affect the content of the index, but they will have an impact of the plan. For example see the following example, where the full table Scan scan index range plan changes.

SQL> select name from emp where name = 'a';

no rows selected

Execution Plan
----------------------------------------------------------
Plan hash value: 2061206800

-----------------------------------------------------------------------------
| Id  | Operation        | Name     | Rows  | Bytes | Cost (%CPU)| Time     |
-----------------------------------------------------------------------------
|   0 | SELECT STATEMENT |          |     1 |    12 |     1   (0)| 00:00:01 |
|*  1 |  INDEX RANGE SCAN| EMP_NAME |     1 |    12 |     1   (0)| 00:00:01 |
-----------------------------------------------------------------------------

Predicate Information (identified by operation id):
---------------------------------------------------

   1 - access("NAME"=U'a')

Note
-----
   - dynamic sampling used for this statement (level=2)

SQL> alter session set NLS_COMP=LINGUISTIC;

Session altered.

SQL> alter session set NLS_SORT=CZECH_AI;

Session altered.

SQL> select name from emp where name = 'a';

no rows selected

Execution Plan
----------------------------------------------------------
Plan hash value: 3956160932

--------------------------------------------------------------------------
| Id  | Operation         | Name | Rows  | Bytes | Cost (%CPU)| Time     |
--------------------------------------------------------------------------
|   0 | SELECT STATEMENT  |      |     1 |    12 |     3   (0)| 00:00:01 |
|*  1 |  TABLE ACCESS FULL| EMP  |     1 |    12 |     3   (0)| 00:00:01 |
--------------------------------------------------------------------------

Predicate Information (identified by operation id):
---------------------------------------------------

   1 - filter(NLSSORT("NAME",'nls_sort=''CZECH_AI''')=HEXTORAW('14000100
              ') )

Note
-----
   - dynamic sampling used for this statement (level=2)

SQL>

Limit user connections using a Logon trigger
Hi all

I'm now restrict selected terminals user connections, using the following logon trigger.
It allows users with user with DBA privileges.

How to restrict privileged users DBA?

Note:-by my application needs privileged DBA.

CREATE OR REPLACE TRIGGER on_logon
AFTER LOGON
WE DATABASE
DECLARE
VPROGRAM VARCHAR2 (30);
VUserName VARCHAR2 (30);
VTERMINAL VARCHAR2 (30);
CURSOR user_prog IS
SELECT UPPER (program), UPPER (username), NVL (TERMINAL, 'X') OF v$ session
WHERE the audsid = sys_context ('USERENV', 'SESSIONID');
BEGIN
OPEN user_prog.
EXTRACT the user_prog IN Vprogram, Vusername VTERMINAL;
IF VTERMINAL NOT IN ("APP1", "APP2", "APP3")+.
and Vusername = "ABUL"+.
THEN
RAISE_APPLICATION_ERROR (-20001, 'you are not allowed to log');
END IF;
CLOSE User_prog;
END;

Thanks I advance

-
ABK
Your application needs the role DBA? This is a terrible design - it violates all the principles of secure coding.

Connection triggers trigger for users with the role of s/n, then you will not be able to use a connection here. You can leave the logon trigger and configure nodes invited and excluded in the listener sqlnet.ora file, i.e.
```
tcp.validnode_checking = yes
tcp.excluded_nodes = (hostname1,hostname2,hostname3)
```
You need to restart the receiver after making this change.

Justin

How to change schema in a logon trigger in 3 levels (how to define a case)
Hello

We have a web application to work... the level 1 is the database, level 2 is web server clusters... all connections use same connectionstring, same user oracle all use the same pattern...

So far so good!

Now comes a requirement that we must test and the 'simpler' solution is to create alternative test patterns...

"of course no problem, just put a trigger of connection and the branch to a particular test instead of the regular production, a scheme"

but here's my problem:
What to put in the logon trigger?
Since all users are the same what can I use to decide what test scheme to create a branch to?
What sys_context information can I use to figure out (from the web server), the diagram that I can use?
The web server authenticates the user by using active directory, and then a connection to oracle is opened

I can see the logon trigger is the user active directory that was used to connect to the web server?

Thanks for your suggestions

g.
If you really, really, really want to do this kind of thing, you probably want to look for proxy authentication, which would involve rather fundamental changes for the management of intermediate level connections.

Even assuming you can do that kind of thing work, however, I am strongly against would do. It would make me very nervous to have test users through the same URL, hit the same web server and by pressing the same server database as users of production even though it had very well tested code which pointed users test against another scheme. You always load problems (i.e. testers are competing with production of resources users), coupling and transparency. The middle-tier and backend code are coupled (i.e. a change to a fair coincides with one change to another), but would not your test environment allows you to deploy the test code. And when (not if) there is a bug that causes some connection test inadvertently and transparently on the production scheme and some Tester causes problems in production by DML, this architecture will come under heavy fire. I would not be regarded as having any sort of ownership of the solution at this moment here.

In addition, the authentication proxy adds complexity to a system for any advantage real, which may cause various maintenance problems on the road.

Justin

GotoWorkspace in after Logon trigger

Our users want to switch automatically to the last workspace they use when they connect. Because they can use one of several applications, I decided to put this feature in a logon after tripping on the database.
The trigger, the tables and procedures are owned by the user WM_UTILS:
----------------------------
create table wm_utils.recent_user_workspaces
(username varchar2 (30 bytes) primary key
nom_espace_de_travail varchar2 (30 byte));
create or replace procedure wm_utils.goto_last_workspace authid current_user as
pragma autonomous_transaction;
last_workspace varchar2 (30);
Start
last_workspace: = get_last_workspace();
If (last_workspace is not null) then
dbms_wm. GotoWorkspace (last_workspace);
end if;
commit;
end;
create or replace procedure wm_utils. set_last_workspace (workspace in varchar2) as
Start
merge into recent_user_workspaces
using double on (username = user)
When not matched then insert (username, nom_espace_de_travail) values (user, workspace)
when matched, then update set nom_espace_de_travail = workspace;
end;
create or replace function wm_utils. get_last_workspace return varchar2 as
workspace varchar2 (30);
Start
Select nom_espace_de_travail
in the workspace
of recent_user_workspaces
where username = user;
Returns the workspace;
exception
When NO_DATA_FOUND then
Returns a null value.
end;
create or replace procedure wm_utils.goto_workspace (workspace in varchar2) authid CURRENT_USER as
PRAGMA AUTONOMOUS_TRANSACTION;
Start
dbms_wm. GotoWorkspace (workspace);
set_last_workspace (Workspace);
commit;
end;
create or replace trigger wm_utils.on_login
After logon on database
Start
goto_last_workspace();
exception
while others then
null;
end;
------------------------------------------------------
Call wm_utils.goto_workspace instead of dbms_wm. GotoWorkspace if they want to remember their choice for their next login.
The problem is that this operation fails with the error "ORA-20073: sufficient privileges to ACCESS the workspace: 'TEST_WORKSPACE'." It is a work space owned by the user attempting to log on, but there no privileges granted explicitly. The user can call wm_utils.goto_last_workspace () to be identified and it works. Y at - it something on the way in which work orders that would prevent from working in a trigger AFTER logon?

Hello

Triggers have the same privileges as a DEFINER procedure/function. So, once the wm_utils.on_login trigger is executed when a user connects to the database, all the procedures performed as a result of the trigger are executed with the privileges of the wm_utils schema. This includes even those defined as authid current_user, since at this moment in time wm_util is essentially the user that executes the procedure. So, you can create a DEFINER rights procedure in the scheme of each user to manage dbms_wm of execution. GotoWorkspace which will remove the privileges of the user running, or give the privilege of system ACCESS_ANY_WORKSPACE wm_utils schema using dbms_wm. GrantSystemPriv.

Kind regards

Ben

Activation level-12 record in the SYSTEM. LOGON trigger
I try to activate the trace level-12 for a user as soon as it to connect to the database.

CREATE OR REPLACE TRIGGER SYSTEM. LOGON_ASPIRE
AFTER LOGON
WE DATABASE
BEGIN
If (Upper (User) = "U_DATAHUB") then
RUN IMMEDIATELY 'ALTER SESSION SET EVENTS "TRACE NAME CONTEXT FOREVER, LEVEL 12 10046" ';
run immediately "alter session set current_schema = DATAHUB';"
end if;

I Grant DBA user U_DATAHUB and I'm able to generatr trace for all sessions... but all trace files will appear this error

PARSING IN CURSOR #4 len = dep 68 = 2 uid = 5 oct 42 lid = 5 = tim = hv 14297715680259 = ad 753686485 = ' 0'
ALTER SESSION SET EVENTS 10046 TRACE NAME CONTEXT FOREVER, LEVEL 12'
END OF STMT
ANALYSIS # 4: c = 0, e = 18, p = 0, cr = 0, set cu = 0, = 0, r = 0, dep = 2, og = 0, tim = 14297715680254
#2 ERROR: err = 1031 tim = 2228813739
Ignored the error 604 while SYSTEM is running. LOGON_ASPIRE
2008-10-24 16:09:40.272
ksedmp: internal or fatal error
ORA-00604: an error has occurred at the SQL level 1 recursive
ORA-01031: insufficient privileges
ORA-06512: at line 192
Have you abandoned the previous trigger, under System? If not, maybe that's the problem, it is also running, the drop!

Error in after Logon trigger

Hello
I use the 11.2.0.3.0 Oracle version.

I created a trigger to restrict specific users (logging of specific program and having specific OSUSER) from loging in the database.
I created under triggers in the SYS schema.
CREATE OR REPLACE TRIGGER t1
AFTER
OPENING OF SESSION
WE DATABASE
DECLARE
trg_program varchar2 (4000);
trg_user varchar2 (4000);
trg_osuser varchar2 (4000);
v_killsession VARCHAR2 (4000);
v_sid VARCHAR2 (4000);
v_serial VARCHAR2 (4000);
BEGIN
SELECT TOP (program), SUPERIOR (USERNAME), SUPERIOR (OSUSER), SID, serial #.
IN trg_program, trg_user, trg_osuser, v_sid, v_serial
SESSION $ v
WHERE audsid = SYS_CONTEXT ('USERENV', 'SESSIONID') AND ROWNUM = 1;

IF trg_program IN ('SQLPLUS.) EXE ',' SQLPLUSW. EXE ',' TOAD. EXE')
AND trg_user in ("USER1", "User2")-, "SYS", "SYSTEM")
- AND trg_osuser not in ('O12345')
THEN
raise_application_error (-20001, "You are not authorized to connect directly to this pattern!'");
END IF;
END;
/

When I log in User1 by sqlplus/Toad, it works very well, I get the required message that is referred to as "raise the application error".
but when I'm compiling the relaxation by uncommenting additional condition for OSUSER IE trg_osuser not in ('O12345') in the code of the trigger, so that this will not affect the summer strongly user (i.e. OSUSER O12345). During the connection to the USER1 user I get below error
ERROR:
ORA-04045: errors during recompilation/revalidation of
XIGNCMN. RESTRICT_UNAUTH_ACCESS
ORA-01031: insufficient privileges
It would alow me to access because I'm OSUSER 'O12345', then why his does not work?

933257 wrote:

I created under triggers in the SYS schema.

Bad idea. Never create objects in the SYS schema.

933257 wrote:

ORA-01031: insufficient privileges

You must have the privilege to ADMINISTRATION the TRIGGERS of DATABASE to compile / recompile database trigger.

SY.

Please help - PKG and TRIGGER LOGON
Hello
I'm currently building a logon trigger that performs various subsidies to the objects according to the OSUSER. I tried to emulate the structure proposed here: http://asktom.oracle.com/pls/asktom/f?p=100:11:1604031168350701:P11_QUESTION_ID:646423863863

The requirement is based on the OS USER logging in the basis of various privileges may be granted to certain a table.
for example OSUSER one can only read from table T, but OSUSER B can have SUID. Our approach is to have a default role where the UID privileges are missing and should be granted to the B OSUER when the connection occurs:

CREATE OR REPLACE PACKAGE LOGON_PKG AUTHID CURRENT_USER
AS
PROCEDURE MAIN;
END LOGON_PKG;
/

CREATE OR REPLACE
LOGON_PKG PACKAGE BODY
AS
PROCEDURE MAIN
IS l_str varchar2 (4000);
number of l_job;
VARCHAR2 (155) - stmt: = ' GRANT UPDATE, DELETE, INSERT ON B1. A T';
BEGIN
l_str: = ' run immediately ("GRANT SELECT ON B1. ("T'S"); " ;
dbms_job. Submit (l_job, replace (l_str,'"'," ' "));
END MAIN;
END LOGON_PKG;
/

CREATE OR REPLACE TRIGGER LOGON_TRIG
AFTER LOGON ON DATABASE
DECLARE p_session_user varchar2 (64);
BEGIN
SELECT TOP (SYS_CONTEXT ('USERENV', 'OS_USER')) INTO p_session_user FROM DUAL;
CASE p_session_user
When 'A' THEN START
LOGON_PKG. MAIN();
END;
-Other
-nada;
END CASE;
EXCEPTION
WHILE OTHERS THEN
-Consider recording the error and then re-raise
LIFT;
END;
/

Why do we try this approach? As you know, it is not possible to trigger connection directly to perform the ROLE SET-GRANT, or whether you need, and according to the post, I've referenced at all first, it should be possible using dbms_job.submit.

When the syntax seems to be OK, nothing will happen when connecting. When something is missing connect is not possible and it will be returnwith the corresponding error ORA/PLS.

Could you please help me?

Thanks in advance.

Published by: n on 29-mar-2012 08:15
because despite the connection made by A session belongs to B with the privileges of all B.

AFTER LOGON ON DATABASE

Hello
I have create a trigger to kill the unwanted remote sessions to help AFTER logon ON DATABASE.
But the session is killed after about 30 seconds. Until the time ' select distinct username, status from v$ session; "reflecting the situation as inactive instead of 'KILLED '.
Once the State takes the session killed get immediately terminated.
I can understand if the status is killed and waiting for a period of time as it will only mark he shot and async... killés the session in a few seconds.
but I'm not able to follow why it shows almost 30 second INACTIVE status.
Thank you
Ajay

Hello

You should not need to kill just raise an exception in the logon trigger that will kick to it-see this example on asktom

http://asktom.Oracle.com/pls/asktom/f?p=100:11:0:P11_QUESTION_ID:3236035522926

See you soon,.

Rich

Trigger connection problem

We have created the below logon trigger that will check if the session is connected
Toad,
PL/SQL Developer
SQL Developer.
If it is connected via one of the above applications, the relaxation intersect if the IP exists in a table.

This trigger works very well with

TOAD, SQLPLUS.EXE, SQLPLUSW.EXE, PLSQLDEVELOPER.EXE

It works simply with the SQL Developer even if the IP address is not in the table (ip_cnt = 1).
When you try to connect from SQL Developer, the following query

select trim(upper(sys_context('USERENV','MODULE'))) from dual

Returns

SQL DEVELOPER

The trigger performs a string comparison ' DEVELOPER %. I tried the following without a bit of luck

v_module like '%LOPER%'
v_module = 'SQL DEVELOPER'
v_module like '%SQL DEVELOPER%'

The trigger Code:

create or replace trigger admin.logon after logon on database
declare

v_module varchar2(200);
v_ipadd varchar2(100);
ip_cnt number;


begin

select sys_context('USERENV','IP_ADDRESS') into v_ipadd from dual ;
select count(*) into ip_cnt from admin.ipdetails where ip = v_ipadd;
select trim(upper(sys_context('USERENV','MODULE'))) into v_module  from dual ;
          
          


     if
          (v_module like '%TOAD%' or v_module like '%DEVELOPER%' or v_module like '%PLUS%')
          and ip_cnt = 0
          then 
          dbms_output.put_line('Value of v_module: '||v_module);
          raise_application_error (-20108, 'INSUFFICIENT PRIVILEGES TO LOGIN ');
     end if;

exception
when no_data_found then


raise_application_error (-20109, 'INSUFFICIENT PRIVILEGES TO LOGIN ');

end ;
/

Hello

Try this and see if it works, maybe there is some unknown characters.

IF v_module like '%TOAD%' or REGEXP_REPLACE(v_module,'[^[:alpha:]]')='SQLDEVELOPER'  or v_module like '%PLUS%'
THEN ...

Satellite P200 Vista Ultimate - Extended desktop does not remain on the left

I can EXTEND my desktop to a second LCD on my Satellite P200 without problems - UNTIL I place it on the LEFT.

It will not retain this position (I need to reposition after every restart - this I can live with that).

But I use a KMV switch intensively, whenever I come back to the Satellite, the extended desktop is back on the right.

Someone at - it ideas?

Post edited by: HammondKF

Hello

I think it s a display driver problem.
Try to update the graphics driver to the latest version.
If you will be late nothing on the European driver Toshiba page try to search on the site of Toshiba Canada and 3 websites of third parties such as www.omegadrivers.net or www.laptopvideo2go.com

If you will not find the latest drivers try this temporary fix.
Don t let the Windows Vista TMM to manage your multiple monitors.
Go to Task Scheduler, in the list of active tasks, find the line task TMM, turn it off - off on logon trigger (or delete - save/export task before you do), and then restart your windows. I hope it will work ;)

Can not find the task in the Task Scheduler

I created a fundamental task to connect to an ad - hoc network whenever I boot my laptop with Vista Home Premium 32-bit. I don't want that to happen and I deleted the network tries to delete the task. When I open the Task Scheduler, I don't see my task listed. I made sure 'show hidden tasks '. I know that the task runs as I continue to receive errors not being to find the ad hoc network.

I created a new task of fundamental task, called 'test' starts just the calc program and it shows in the list of tasks.

Any help?

As others have found, if you change the name of your computer, scheduled tasks that have been associated with a specific user account (like the logon trigger, such as the credentials for the job and so forth) will no longer appear in the list of scheduled tasks. Scheduled tasks displays the message "an error has occurred for task xxxx. Error message: the specified account name is not valid. "The same thing happens if you delete a user account that is named in a scheduled task.

The reason for the problem is that the computer name part of the account name (for example, "mycomputer\myaccount"), and so if a part of the name is not valid, the associated account is no longer recognized. Unfortunately, given that the scheduled tasks will not display the task entry broken, you cannot fix it directly.

The tasks themselves are defined in XML files in plain text stored in \windows\system32\tasks. The files have the same name as their entries in scheduled tasks.

If a task is not desired, you can simply delete the corresponding file from \windows\system32\tasks.

If you want to restore a task, you must change the computer name and/or account name everywhere wherever he is in the job file. But, you can just edit the file in place to solve the problem. Scheduled task detects that the file has been modified externally and even once will not use or display.

I managed to solve the problem by following these steps:
1. Move the file to the task entry broken of the \windows\system32\tasks in another case. You want to move it, copy it not - file must be put out \windows\system32\tasks. You can do this by using Windows Explorer or move the command in a command prompt window.
2. Using Notepad, open the file in its new location. Set the name of the computer or the name of the account as it happens and save the file. Repeat steps 1 and 2 for all other tasks of problem.
3. Open scheduled tasks, or select the menu Action, refresh. It should be no error message now, given that the task of the problem has been removed.
4. On the Action menu, use the import command to locate the edited file. This will restore the scheduled task.
5. Test the restored task by opening and then run. Once everything works, you can remove older versions of the file task as you had moved it. Repeat steps 4 and 5 for any other task edited file.

logon trigger

Similar Questions

Maybe you are looking for