Problem in DBMS_SESSION. SET_CONTEXT

Hi Experts,

I am facing a problem when setting the context through dbms_Session.set_context.

I actually insert some values into the table, and there is a trigger is devoted to implementations on this table and trigger a proc body is called in who's sets the context and give me the error below

ORA-06512: at "SYS." DBMS_SESSION", line 114

I found that it gives me error in setting up the framework.

DBMS_SESSION. SET_CONTEXT ('the context name,' variable ' TEXT');

Could you please provide your valuable contributions...

When a context is created, the name of the PL/SQL procedure has allowed to insert name-values in this context is specified.

Only this unit of PL/SQL code is allowed to use DBMS_SESSION. Set_Context() call to set values in this namespace.

Example:

SQL> create or replace context MY_CONTEXT using SetMyContext;

Context created.

SQL>
SQL> create or replace procedure SetMyContext( name varchar2, value varchar2 ) authid definer is
  2  begin
  3          DBMS_SESSION.set_context( 'MY_CONTEXT', name, value );
  4  end;
  5  /

Procedure created.

SQL>
SQL> select attribute, value from session_context where namespace = 'MY_CONTEXT' order by 1;

no rows selected

SQL>
SQL> -- cannot change context directly
SQL> begin
  2          DBMS_SESSION.set_context( 'MY_CONTEXT', 'BROWSER USER', 'John Doe' );
  3  end;
  4  /
begin
*
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "SYS.DBMS_SESSION", line 114
ORA-06512: at line 2

SQL>
SQL> -- context has to be set via bound context procedure
SQL> exec SetMyContext( 'BROWSER USER', 'John Doe' );

PL/SQL procedure successfully completed.

SQL>
SQL> select attribute, value from session_context where namespace = 'MY_CONTEXT' order by 1;

ATTRIBUTE            VALUE
-------------------- --------------------
BROWSER USER         John Doe

SQL>

Tags: Database

Similar Questions

DBMS_SESSION. SET_CONTEXT sets / retrieves incorrect DATE values.
Hello

I created the script below:

-* Create the context XX_DATE_CONTEXT
CONTEXT to CREATE or REPLACE xx_date_context USING pkg_context;

Context created successfully.

-* Create package that sets the XX_DATE_CONTEXT
CREATE or REPLACE PACKAGE apps.xx_dtctxt_pkg
IS
FUNCTION xx_set_context (p_ctxt IN varchar2
p_date IN date)
RETURN number;

FUNCTION xx_get_context (p_ctxt IN varchar2)
Date of RETURN;
END;
/

CREATE or REPLACE PACKAGE apps.xx_dtctxt_pkg BODY
IS
p_context_name CONSTANT all_context.namespace%TYPE: = "XX_DATE_CONTEXT";

-* Create the function that defines the XX_DATE_CONTEXT using DBMS_SESSION. SET_CONTEXT
FUNCTION xx_set_context (p_ctxt IN varchar2
p_date IN date)
RETURN number
IS
BEGIN
DBMS_SESSION.set_Context (p_context_name
p_ctxt
p_date);
RETURN 1;
EXCEPTION
WHILE OTHERS
THEN
RETURN 0;
END xx_set_context;

-* Create the function that retrieves the value at the date of the XX_DATE_CONTEXT
FUNCTION xx_get_context (p_ctxt IN varchar2)
Date of RETURN
IS
BEGIN
RETURN SYS_CONTEXT (p_context_name
p_ctxt);
EXCEPTION
WHILE OTHERS
THEN
dbms_output.put_line (SQLERRM);
-RETURN NULL;
END xx_get_context;
-EXCEPTION
-WHILE OTHERS
-THEN
-DBMS_OUTPUT. PUT_LINE (SQLERRM);

END;
/

Package & body created successfully.

Now I set the context as below:

/ * Formatted on 29-Oct-2009 11:00:09 (v5.114.809.3010 PS5) * /.
DECLARE
x VARCHAR2 (10);
date of y;
"date of TDT: = 1 January 1951";
number of z;
BEGIN
x : =
xx_dtctxt_pkg.xx_set_context ("PARAM_DATE"
TDT);
y: = xx_dtctxt_pkg.xx_get_context ("PARAM_DATE");
dbms_output.put_line (TO_CHAR (y)
'DD-MON-RRRR"));
dbms_output.put_line (TO_CHAR (y)
'DD-MON-YYYY"));
z: = SYSDATE - y;
dbms_output.put_line (z);
END;
/

The retrieved value is 1 January 2051 ' and not of 1951, which is the value passed.
Please advice on how to extract the exact value for this case.

Thank you
L. Julie
convert your date to a string in the appropriate format, something like
```
to_char (sysdate, 'dd-mm-yyyy')
```

Problem with predicate of CAE
Hello
I just started know CAE and spin a question with a very simple example. I have a local database on my machine with Figure 2: OLTP and OLAP. I create a context service policy etc. in the OLTP schema, I connect to the other OLAP schema and then I do a

Select * from w_case_d, the results are not filtered.

I'm looking at v$ vpd_policy and the predicate field is null.
Can you help me determine what I am doing wrong? Thank you for your time.

Frank

Details
------

CREATE OR REPLACE CONTEXT WITH THE HELP OF INITIALIZATION_PROCEDURE VPD_CONTEXT;
/

create or replace procedure initialization_procedure
(
v_user in varchar2
)
is
Start
DBMS_SESSION.set_Context ('VPD_CONTEXT', 'USER_NAME', v_user);
end initialization_procedure;
/

create or replace function initialization_function (v_user in varchar2)
VARCHAR2 is back
Start
initialization_procedure (v_user);
SYS_CONTEXT ('VPD_CONTEXT', 'USER_NAME') return;
end;
/

create or replace FUNCTION apply_policy)
p_schema IN VARCHAR2,
p_object IN VARCHAR2)
RETURN VARCHAR2
AS
v_stmt varchar2 (500);

BEGIN
v_stmt: = 'ETL_PROC_WID = 368';
Return v_stmt;
END;
/

BEGIN
DBMS_RLS.add_policy
(object_schema = > "OLAP")
object_name = > "W_CASE_D"
POLICY_NAME = > "test_policy"
function_schema = > 'OLTP.
policy_function = > 'apply_policy ',.
statement_types = > 'SELECT');
END;
Is the EXEMPT STRATEGY of access granted OLAP schema?

Problem with the CAE policy function
Hi all
I'm trying to set the tables of data with the DTV and get "ORA-28112: cannot run the political function" error when I query the table.
---------------------------------------------------------------------------------------------------------------------------
-My diagram is "sales".
grant Ridge no matter what context of balances;

-created the context by using this statement
create or REPLACE context sales_APP_CTX using PKG_SECURITY ACCESSIBLE on a GLOBAL scale;

-Package specifications
CREATE or REPLACE PACKAGE PKG_SECURITY
function vpd_sec_pol_func return varchar2;
procedure set_sales_app_context (p_user varchar2, p_security_level varchar2);
end;
/

-package body
CREATE or REPLACE PACKAGE BODY PKG_SECURITY
---------------------------------------------------------------------------------------------
function vpd_sec_pol_func return varchar2 is

-v_user varchar2 (100): = UPPER (portal.wwctx_api.get_user);
Start
If not for the user ("SALES", "ORACLE") then
return ' State in (select State from app_user_states where user_id = sys_context ("SALES_APP_CTX", "APP_USER"))';
on the other
Returns a null value.
end if;
end;
---------------------------------------------------------------------------------------------
procedure set_sales_app_context (p_user varchar2, p_security_level varchar2) is
Start
DBMS_SESSION.set_Context ('SALES_APP_CTX', 'APP_USER', p_user);
-dbms_session.set_context ('SALES_APP_CTX', 'SECURITY_LEVEL', p_security_level);
end;
---------------------------------------------------------------------------------------------
end;
/

-The policy has added to the table
Start
dbms_rls.add_policy
(object_schema = > 'SALES')
object_name = > "SALES_SUMMARY"
POLICY_NAME = > "SALES_SUMMARY_POLICY"
function_schema = > 'SALES. "
policy_function = > ' PKG_SECURITY. VPD_SEC_POL_FUNC',.
statement_types = > 'SELECT, INSERT, UPDATE, DELETE.
update_check = > TRUE);
end;

-I was able to put into context using sqlplus in running the procedure
exec ('TEST_USER', 'R') PKG_SECURITY.set_sales_app_context;
---------------------------------------------------------------------------------------------------------------------------

What I am doing wrong?

Thank you
Hello

ORA-28112 only tells you that there is real error messages in a trace file on the database server. I forgot if the trace file is generated in the bdump or udump directory. Post messages.

The political function should look like this:
```
FUNCTION policy_function (object_schema IN VARCHAR2, object_name VARCHAR2)
        RETURN VARCHAR2 
```
You don't have to use the arguments (I do not usually), but they have to be there. The system will call your function with two arguments of VARCHAR2, so he must accept two arguments of VARCHAR2.

With the help of SCORE on top of view with UNION

Hi guys,.
I explain what I'm trying to do it quickly:
2 tables: table1 and table2 with the same structure and have both a multi_column_datastore ctxsys.context.
1 view: View1
Select * from table1
Union
Select * from table2
If I run:
Select * from View1 WHERE contains (view1. Column1, '% textext %', 1) > 0;
It works fine, I get the correct result.
If I try to use the PARTITION function, I got an error:
Select * from View1 WHERE contains (view1. Column1, '% textext %', 1) > 0 ORDER by SCORE (1);
ORA-29921: auxiliary operator not supported with query to configure block
I understand the problem is in the UNION inside the view, is it possible to keep work, filtering the VIEW?
Thanks in advance

There is no score in the view, so you cannot reference the score when you query the view. In order to put the note in the view, you need a contains the clause, which requires a value. A method to do this is to use sys_context. Please see the reproduction of the problem and solution below.

Scott@orcl12c >-reproduction of the problem:

Scott@orcl12c > create the table1 table:

2 (column1 varchar2 (30))

3.

Table created.

Scott@orcl12c > insert into table1 values ('textext")

2.

1 line of creation.

Scott@orcl12c > create table table2

2 (column1 varchar2 (30))

3.

Table created.

Scott@orcl12c > insert into table2 values ('textext")

2.

1 line of creation.

Scott@orcl12c > start

2 ctx_ddl.create_preference ('test_ds', 'multi_column_datastore');

3 ctx_ddl.set_attribute ('test_ds', 'columns', "column1");

4 end;

5.

PL/SQL procedure successfully completed.

Scott@orcl12c > create index table1_idx on table1 (column1)

2 indextype is ctxsys.context

3 parameters ("test_ds of the data store")

4.

The index is created.

Scott@orcl12c > create index table2_idx on the table2 (column1)

2 indextype is ctxsys.context

3 parameters ("test_ds of the data store")

4.

The index is created.

Scott@orcl12c > create or replace view View1

2 as

3 select * from table1

4 union

5 select * from table2

6.

Created view.

Scott@orcl12c > select * from View1 where contains (view1.column1, '% textext %', 1) > 0

2.

COLUMN1

------------------------------

textext

1 selected line.

Scott@orcl12c > select * from View1 where contains > 0 (view1.column1,'%textext%',1) order by score (1)

2.

Select * from View1 where contains > 0 (view1.column1,'%textext%',1) order by score (1)

*

ERROR on line 1:

ORA-29921: auxiliary operator not supported with query to configure block

Scott@orcl12c >-solution:

Scott@orcl12c > create or replace view View1

2 as

3. Select the partition (1) score, table1.* from table1

4 where contains (table1. Column1, sys_context ('text_query', 'query_value'), 1) > 0

5 union

6 select score partition (1), table2.* from table2

7 where contains (table2.column1, sys_context ('text_query', 'query_value'), 1) > 0

8.

Created view.

Scott@orcl12c > create or replace context text_query using text_proc

2.

Context that is created.

Scott@orcl12c > create or replace procedure text_proc

2 (p_val in varchar2)

3 as

4 start

5 dbms_session.set_context ('text_query', "query_value", p_val);

6 end text_proc;

7.

Created procedure.

Scott@orcl12c > text_proc exec ('% textext %')

PL/SQL procedure successfully completed.

Scott@orcl12c > set autotrace on explain

Scott@orcl12c > select * from View1 by score

2.

MARK THE COLUMN1

---------- ------------------------------

3 textext

1 selected line.

Execution plan

----------------------------------------------------------

Hash value of plan: 4090246122

----------------------------------------------------------------------------------------------

| ID | Operation | Name | Lines | Bytes | Cost (% CPU). Time |

----------------------------------------------------------------------------------------------

|   0 | SELECT STATEMENT |            |     2.    60.     8 (0) | 00:00:01 |

|   1. SORT ORDER BY |            |     2.    60.     8 (0) | 00:00:01 |

|   2.   VIEW                          | VIEW1.     2.    60.     8 (0) | 00:00:01 |

|   3.    UNIQUE FATE |            |     2.    58.     8 (50) | 00:00:01 |

|   4.     UNION-ALL |            |       |       |            |          |

|   5.      TABLE ACCESS BY INDEX ROWID | TABLE1.     1.    29.     4 (0) | 00:00:01 |

|* 6 |       DOMAIN INDEX | TABLE1_IDX |       |       |     4 (0) | 00:00:01 |

|   7.      TABLE ACCESS BY INDEX ROWID | TABLE2.     1.    29.     4 (0) | 00:00:01 |

|* 8 |       DOMAIN INDEX | TABLE2_IDX |       |       |     4 (0) | 00:00:01 |

----------------------------------------------------------------------------------------------

Information of predicates (identified by the operation identity card):

---------------------------------------------------

6 - access("CTXSYS".") CONTAINS "(" TABLE1".»)" Column1', SYS_CONTEXT ('text_query ',' query_v)

Alou '), 1) > 0)

8 - access("CTXSYS".") CONTAINS "(" TABLE2".»)" Column1', SYS_CONTEXT ('text_query ',' query_v)

Alou '), 1) > 0)

Note

-----

-the dynamic statistics used: dynamic sampling (level = 2)

Scott@orcl12c >

Digital signage using SYS_CONTEXT

Version 11.2.0.3
I'm trying to create a view that refers to two identical paintings. The results will be presented only ever among the tables based on a variable SYS_CONTEXT.
The issue I see is however that the implementation plan is different when I use literals as opposed to a variable SYS_CONTEXT. The plan with literals is what I expect to see when I use SYS_CONTEXT as well. The difference between the 2 plans, is that the filter filter (NULL IS NOT NULL) appears for the SELECT that does not run. The following illustrates the problem:
create table tbl1 (id number, date_created date);
create table tbl2 (id number, date_created date);
insert into tbl1 values (1, to_date('20140114','yyyymmdd'));
insert into tbl2 values (2, to_date('20140115','yyyymmdd'));
insert into tbl2 values (2, to_date('20140115','yyyymmdd'));
COMMIT;
create or replace context tbl_switch using set_tbl_context;
create or replace procedure Set_Tbl_Context (p_Tbl_No in varchar2) as
Start
DBMS_SESSION.set_Context ('TBL_SWITCH', 'SWITCH_VALUE', p_Tbl_No);
end Set_Tbl_Context;
/
SQL > exec set_tbl_context ('2');
PL/SQL procedure successfully completed.
SQL > select sys_context ('TBL_SWITCH', 'SWITCH_VALUE') FROM DUAL;
SYS_CONTEXT ('TBL_SWITCH', 'SWITCH_VALUE')
----------------------------------------
2
SQL > set autotrace on
SQL > select * from tbl1 where 1 = 2
2 Union all the
3 select * from tbl2 where 2 = 2
4.
ID DATE_CREA
---------- ---------
2 15 JANUARY 14
2 15 JANUARY 14

Execution plan
--------------
Hash value of plan: 6123662
----------------------------------------------------------------------------
| ID | Operation | Name | Lines | Bytes | Cost (% CPU). Time |
----------------------------------------------------------------------------
|   0 | SELECT STATEMENT |      |     3.    66.     3 (100) | 00:00:01 |
|   1. UNION-ALL |      |       |       |            |          |
|* 2 |   FILTER |      |       |       |            |          |
|   3.    TABLE ACCESS FULL | TBL1 |     1.    22.     3 (0) | 00:00:01 |
|   4.   TABLE ACCESS FULL | TBL2 |     2.    44.     3 (0) | 00:00:01 |
----------------------------------------------------------------------------
Information of predicates (identified by the operation identity card):
---------------------------------------------------
2 - filter (NULL IS NOT NULL)
Note
-----
-dynamic sample used for this survey (level = 2)

Statistics
----------
16 recursive calls
0 db block Gets
Gets 36 compatible
0 physical reads
0 redo size
436 bytes sent via SQL * Net to client
364 bytes received via SQL * Net from client
2 SQL * Net back and forth to and from the client
0 sorts (memory)
0 sorts (disk)
2 rows processed
SQL > select * from tbl1
where the 2 ' 1'= sys_context('TBL_SWITCH','SWITCH_VALUE')
3 Union all the
4 Select * from tbl2
where the 5 ' 2'= sys_context('TBL_SWITCH','SWITCH_VALUE')
6.
ID DATE_CREA
---------- ---------
2 15 JANUARY 14
2 15 JANUARY 14

Execution plan
--------------
Hash value of plan: 687287648
----------------------------------------------------------------------------
| ID | Operation | Name | Lines | Bytes | Cost (% CPU). Time |
----------------------------------------------------------------------------
|   0 | SELECT STATEMENT |      |     5:    66.     6 (50) | 00:00:01 |
|   1. UNION-ALL |      |       |       |            |          |
|* 2 |   FILTER |      |       |       |            |          |
|   5:    TABLE ACCESS FULL | TBL1 |     1.    22.     3 (0) | 00:00:01 |
|* 4 |   FILTER |      |       |       |            |          |
|   3:    TABLE ACCESS FULL | TBL2 |     2.    44.     3 (0) | 00:00:01 |
----------------------------------------------------------------------------
Information of predicates (identified by the operation identity card):
---------------------------------------------------
2 - filter (SYS_CONTEXT ('TBL_SWITCH', 'SWITCH_VALUE') = '1')
4 - filter (SYS_CONTEXT ('TBL_SWITCH', 'SWITCH_VALUE') = '2')
Note
-----
-dynamic sample used for this survey (level = 2)

Statistics
----------
7 recursive calls
0 db block Gets
Gets 24 consistent
0 physical reads
0 redo size
436 bytes sent via SQL * Net to client
364 bytes received via SQL * Net from client
2 SQL * Net back and forth to and from the client
0 sorts (memory)
0 sorts (disk)
2 rows processed
Can anyone suggest why this is? In addition, the query with the variable SYS_CONTEXT does not two SELECT?
Thank you

That's exactly the plan that you want to see (although I must say I don't like the strategy that you are adopting).

If the sys_context value is 1 then line 2 will call line 3 to run, but line 4 will be short circuit and do not call the line 5

If the sys_content value is 2, then line 1 will be short-circuit and not dial 3, but call line 4 line 5

Update: your method is similar to an example I talked some time ago:conditional SQL & #8211; 3. Notebook of the Oracle and something similar is generated internally by the particularly specific optimizer transformation: conditional SQL | Notebook of the Oracle

It would not have been too difficult to set up a small test to see if this was true.

Concerning

Jonathan Lewis

maintain the same identifier of session for several sessions
This problem started as a matter of (secondary java) at the end of fonts, but I need to understand the side Oracle. So I raise here.

Let's say that a user makes the call to Oracle in two (or more) connections. Each connection will begin a new session.

On the first call, the user connects to the DB and then run a stored procedure to insert data in the parent table, which then returns a primary key.

Then the user makes another call to Oracle (where a new session), run another stored procedure and pass the primary key, so that a line can be inserted into the child table (dependence).

In doing so, I need the second connection to share the same session as the first. So for the first and second connections, I coded to perform the following duties

DBMS_session. Set_Identifier('100');
DBMS_session.set_Context ('ACCOUNT_CTX', 'ID_compte', ' 0');

But the second call (one to insert a row in the child table) does not always complain that the foreign key does not exist in the parent table.

This indicates that the system considered the second connection as a distinct and different session, so the primary key inserted into the parent table (by the first call) is not seen by the second call.

I can keep the two connections in the same session, which could be the solution (side Oracle) or a suggestion?

Thank you.

Published by: scottjhn on December 2, 2012 19:30
>
This problem started as a matter of (secondary java) at the end of fonts, but I need to understand the side Oracle. So I raise here.
>
Yes he did - and I answered it there.
When you cross-post, you must at least provide cross-cutting for other threads links so that people can follow what is being discussed.
JDBC mutiple inserts on the side of java (to keep the same session)

Will change your other thread and provide the link to this one.
>
I can keep the two connections in the same session, which could be the solution (side Oracle) or a suggestion?
>
As I said in the other thread: the same session to insert parent records and child needs either, you must commit after insertion of the parent record.
>
On the first call, the user connects to the DB and then run a stored procedure to insert data in the parent table, which then returns a primary key.

Then the user makes another call to Oracle (where a new session), run another stored procedure and pass the primary key, so that a line can be inserted into the child table (dependence).
>
The second call should not be a new session. You can use the same connection that you used for the first call. But if you use two connections or two sessions of the first session was committing its work or the second session will not see it.

Global Application contexts - where to set the identifier of the customer?
Hello

I try to use contexts of global application in the context of an implementation of fine-grained access control.
It is an e-Business Suite environment, more precisely of CRM, is a multilevel environment.
Users access the two screens and OA framework based forms.

I think I need to use the global application contexts because users can have multiple database sessions.
In addition, all users login using the same database connection account.

As much I can define a unique identifier for a user who persists throughout all their sessions I do use set_context settings, username and client_id below: -.

DBMS_SESSION.set_Context (namespace = > 'XXUOM_CONTEXTS',)
attribute = > "EXEMPT_FROM_VPD_POLICIES"
VALUE = > l_exempt,
username = > USER,
client_id = > pi_user_id);

The problem I have is to find a suitable place to set the client identifier.

I don't know if the value is to be eliminated by another code or if the value is not used in all sessions.

I use: -.

DBMS_SESSION. Set_Identifier (pi_user_id)

The tables that I call after insert triggers either icx_sessions or fnd_logins.

However, the identifier of the customer is always null when I question him within the application, through: -.

SELECT SYS_CONTEXT ('USERENV', 'CLIENT_IDENTIFIER') of double

If I put the value via a rule of customizing a form, the value remains.

I would be very happy if someone can advise me on where I'm wrong.

Andy
Thanks a lot for the pointers. Add DBMS_SESSION. SET_IDENTIFIER (FND_GLOBAL. User_name) does the work.

Good.

I want to say that this is the solution to my problem, but I am hesitant on the change in package FND_GLOBAL that there is no guarantee that it will not be overwritten by Oracle as part of a future patch/upgrade.

It is not supported and it will be overwritten for sure.

The patch proposed in [ID 1130254.1] is no longer exists.

Log an SR to get this fix (or a replacement).

Thank you
Hussein

security of the row/column in function
Hello

We have the necessary specific company, which is linked to motor vehicle liability insurance. There are many insurance companies, which have joined into a single fund. All claims and contracts are in the single data warehouse. Each line of data (for example, in the table of recreational vehicles) has a column that contains the ID of an insurer.

The problem is that this data warehouse will be used for analytical purposes, for example, to calculate the cost of insurance. For this operation the insurance companies need data for the whole of the market (Fe: all insured red BMW-s). A few details (reg. No. a car) of each returned row can be visible for the company, whose ID matches the value of the insurer_ID column.

Example:

Table: vehicles
V_ID | do | color | reg_no | insurer_ID
123 | BMW | Red | 123ABC | 11
234. BMW | Red | 456QWE | 22

Insurer with ID 11 querys table:
Select * from vehicles where do = 'BMW' and color = 'red ';

Oralcle should return:
V_ID | do | color | reg_no | insurer_ID
123 | BMW | Red | 123ABC | 11
234. BMW | Red | NULL | NULL VALUE

Is this possible with the native tools of Oracle?

First variant would be, that there is a query layer, which splits the query in to separate phrases and returns the results to new bundle:

Select * recreational vehicle where do = 'BMW' and color = 'red' and insurer_ID = '11';
Select vehicle_ID, make, color of vehicles where do = 'BMW' and color = 'red' and insurer_ID! = "11";

Query layer must also restore:
V_ID | do | color | reg_no | insurer_ID
123 | BMW | Red | 123ABC | 11
234. BMW | Red | NULL | NULL VALUE

Second solution would be separate tables, one that contains sensitive data and other data not delicate, between those who must be described in a table relationships. On the first table there is a view for each third party returns authorized only lines.

Is there an existing case study for this kind of business needs?

Version of database is Oracle 11 g Standard.

Best regards
Erki Pettai
Analyst
Proekspert Ltd
We can make our own implementation of VPD using views. It's not too bad for RLS, but it's a little gross to CLS.

The basic idea is to set a namespace or a context that is defined using dbms_session.set_context () and then referenced in the view by using sys_context(). In your scenario, you do not want to fill the frame with the company ID whenever someone logs in. (Obvously this kind of thing is gnarlier in stateless web applications). Your opinion would then be something watch this...
```
create or replace view restricted.vehicles as
select V_ID
       , make
       ,  color
       , case when insurer_ID = sys_context('your_namespace', 'company_id') then reg_no else null end as reg_no
       , case when insurer_ID = sys_context('your_namespace', 'company_id') then insurer_ID else null end as insurer_ID
from restricted.vehicles
/
```
Note the schema name: you must make sure that the tables are not visible to other users, that point of view. A safer solution would still be two levels of views. At the external level selects just * the internal level. At the external level is believe that gave himself and therefore protects statement of the view from prying eyes.

You will find the simple line-level stuff - just put in the WHERE clause of the view.

Because you are running a data warehouse, I suppose that you are spared the inconvenience of trying to manage updates, etc. in this way.

This course is a Joseph and will be a bit of a nightmare to maintain, especially if you have a lot of tables that you want to protect. That's why Oracle do you want to pay for the license of the company.

Good luck.

Cheers, APC

blog: http://radiofreetooting.blogspot.com

Conversion of a delete using the context statement and policies MEV
Hello

I'm trying to convert a delete statement in an update statement using the context and political MEV.

+ / * Assumes that the "user1" user already exists. This is a user of the application * / +.

Conn User1/pwd

create table user1.test_a)
ID number 4,
Description varchar2 (100),
number (1) deleted
+);+

ALTER table user1.test_a add the primary key constraint test_a_pk (id);

insert into user1.test_a (1, 'abc', 0);
insert into user1.test_a (2, 'def', 0);
commit;

I would like to convert each physical deletion a logical removal: instructions such as "delete from user1.test_a where id = 1" must be converted to "day all deleted user1.test_a = 1 where id = 1".»

I found the following way: I create a policy to avoid the physical deletion. In addition, the political function should update the deletion indicator too.

Conn User1/pwd

+ / * Create package context * / +.
create or replace package user1.pkg_security_context is
p_set_ctx of the procedure)
i_test_a_id in % user1.test_a.id type
+);+
end;
+/+

create or replace package body is user1.pkg_security_context
procedure p_set_ctx)
i_test_a_id in % user1.test_a.id type
+) is +.
Start
DBMS_SESSION.set_Context ("user1_ctx", "test_a_id", i_test_a_id);
end;
end;
+/+
display errors

+ / * Create the trigger to put into context before deleting * / +.
create or replace trigger user1.test_a_bef_trg
before you delete the user1.test_a
for each line
declare
pragma autonomous_transaction;
Start
-does not validate the previous update, not deletion that fired the trigger.
commit;

User1.pkg_security_context.p_set_ctx (: old.id);
end;
+/+
display errors

user1_ctx context to create using user1.pkg_security_context;

+ / * Political * / +.
create or replace function user1.f_policy_chk_dels)
object_schema in varchar2,
object_name in varchar2
+) return varchar2 +.
is
out_string varchar2 (400) by default, 1 = 2 ';

+/*+
* out_string is the return value.
*-' WHERE 1 = 2' ' doesn't mean anything for access to.
*/
Start
If (loc_logged_usr_authorized > 0) then
+/*+
* Set the flag removed 1
*/
update of the game user1.test_a deleted = 1 where id = sys_context ('user1_ctx', 'test_a_id');

out_string: = out_string. 'or 1 = 1 ';
end if;

Return out_string.
end;
+/+
display errors

+/*+
Create policies
*/
Start
() dbms_rls.add_policy
object_schema = > 'user1 ',.
object_name = > "test_a"
POLICY_NAME = > "policy_chk_dels"
function_schema = > 'user1',-function scheme
policy_function = > 'f_policy_chk_dels', - function policy
statement_types = > 'DELETE '.
+);+
end;
+/+

When I try to delete a record from the table test_a:

Conn User1/pwd

SQL > delete sim ilogdia.oplsimulaciones where sim.id = 9999;

+ 0 rows deleted.

No row has been deleted, but the update stmt does not work. This means that the 'deleted' flag has not been updated.

Any ideas?

Thank you in advance.

Marco A. Serrano

Published by: albrotar on October 15, 2012 08:42

Published by: albrotar on October 15, 2012 08:42

Published by: albrotar on October 15, 2012 08:43
The policy function is applied once per execution of the statement. The political function executes first, and the UPDATE statement updates probably, no line because the context is not yet filled. The level of the line fills the frame (I'm assuming that your session may even see context values populated by autonomous transaction - I guess it's possible, but I have to test this) after the UPDATE statement is already complete. VALIDATION in the row-level trigger is also useless - it does that to changes made by the current transaction that is independent, of which there is none--it cannot apply to changes made in the other autonomous transactions. Declaring the level line trigger to use autonomous transactions does not seem to do anything other than to open the question of whether the values defined under the autonomous transaction are visible in the transactions of the appellant.

Even if, somehow, did not work, the use of transactions autonomous would be a very bad idea because Oracle is free to roll back a partially executed query (and the work done by its triggers) and re - run. Oracle does with some regularity to maintain the consistency of Scripture.

Justin

Set box
How to set the context of the application in oracle 11g?
Try with this code-

c:\>sqlplus / as sysdba
GRANT CREATE ANY user CONTEXT
/
GRANT EXECUTE ON DBMS_SESSION to the user
/
SQL > conn/user

create or REPLACE package pkg_test as
procedure p_context (n varchar2);
end;

create or REPLACE package body pkg_test as
procedure p_context (n varchar2) as
Start
DBMS_SESSION.set_Context ('TEST_CONTEXT', 'USERNAME', N);
end;
end;
/
DISPLAYS THE ERROR MESSAGE;

TEST_CONTEXT FALL OF CONTEXT;
TEST_CONTEXT to create using pkg_test context;
/
BEGIN
pkg_test.p_context ('ADMIN');
END;
/
SELECT SYS_CONTEXT ('TEST_CONTEXT', 'USERNAME') OF DOUBLE
/

Error while executing the code as user sys
Hello
The following code creates a procedure. Although the proc is created successfully, as he tried to run, I get the below error

ORA-01031: insufficient privileges
ORA-06512: at "SYS." DBMS_SESSION", line 101
ORA-06512: at "SYS." MY_TEST_PROC', line 20
ORA-06512: at line 1

The proc is created by sys and executed by sys too

create or replace procedure my_test_proc as
TYPE CUR1 IS REF CURSOR;
CURSOR c1 is
Select ename from SCOTT.emp where rownum < 2;
v_Name varchar2 (30);
MY_CUR CUR1;
STRQRY VARCHAR2 (2000);
L_PARAM DBMS_SQL. VARCHAR2S;
THE CNT NUMBER;
SCOTT V_DATA. EMP % ROWTYPE;
BEGIN
STRQRY: = ' SELECT * FROM SCOTT. EMP WHERE 1 = 1 and ((1 = 1) ';)
CNT: = 0;
Open c1;
loop
Fetch c1 into v_name;
When exit c1% notfound;
CNT: = CNT + 1;

DBMS_SESSION.set_Context ('MY_CTX', 'ENAME_' |) CNT V_NAME);
STRQRY: STRQRY = | "OR (ENAME = SYS_CONTEXT ("MY_CTX","ENAME_1")';)"

end loop;
DBMS_OUTPUT. PUT_LINE(STRQRY ||) ')');

CLOSE C1;
END my_test_proc;

============================================================

EXEC my_test_proc;

Help, please.
>
STRQRY: = ' SELECT * FROM SCOTT. EMP WHERE 1 = 1 and ((1 = 1) ';)
>
The query above will not work because there is a syntax error.
Count the number of left and right parentheses.

Edit your post and use the code and tell us who is line #20.

My guess is that it's this line
```
dbms_session.set_context('MY_CTX','ENAME_' || CNT, V_NAME); 
```
You don't show any CONTEXT procedure code. DBMS_SESSION. SET_CONTEXT in doc PL/SQL Packages and Types
See http://docs.oracle.com/cd/B28359_01/appdev.111/b28419/d_sessio.htm#i1010942
>
SET_CONTEXT caller must be in the call stack of a procedure that has been associated with the context namespace via a statement of CONTEXT to CREATE. The call stack checking does not reach a limit of DBMS.

How to implement patterns of multiple companies?
I need to set up a database of several company. There is that a single server and all different companies customers will have access to this server.
How can I do this?
-Tables with a column of company
-A scheme by company

Any suggestion?

Concerning
In my mind, the simplest possible thing that might work would be a single schema where can access most if not all tables have a column COMPANY_ID, a context which is filled with the COMPANY_ID and a view layer that reads data in the context to limit the set of lines as the current session. In this way there is only a point of view which provides specific data the company independently of society rather than a point of view by the company. This would be relatively similar policy replacement DTV solution on the tables with a view.

You can create a context
```
CREATE OR REPLACE CONTEXT your_context_name USING your_authorization_pkg;
```
where YOUR_AUTHORIZATION_PKG is a package that determines what COMPANY_ID a particular session will have access to. This is one of the most vulnerable parts of the infrastructure here, so you want to make sure that it is secure. In YOUR_AUTHORIZATION_PKG, you would set the value of the context
```
DBMS_SESSION.SET_CONTEXT( 'YOUR_CONTEXT_NAME', 'COMPANY_ID', <> )
```
where > is the ID of the company that your package has determined the user has access to. Your view layer can then reference the value in the context
```
CREATE OR REPLACE VIEW vw_employee
AS
SELECT *
  FROM employee
 WHERE company_id = SYS_CONTEXT( 'YOUR_CONTEXT_NAME', 'COMPANY_ID' );
```
It is not as easy or as safe as MEV, but it is often close enough.

Justin

How to get LIST_CONTEXT
Hello guys,.

Try using DBMS_SESSION. LIST_CONTEXT without a bit of luck. According to this:
DBMS_SESSION. LIST_CONTEXT -returns a list of active namespaces and contexts for the current session
I expect to see a list of all the spaces of names/attributes of the created context, but instead I get nothing :(

That's what I do.

I create the context:
create context user_env_vals using sys_manage_context accessed globally;

Assign the value:
DBMS_SESSION.set_Context (namespace = > 'user_env_vals',)
attribute = > cName.
value = > cValue,.
client_id = > g_session_id);

Try to pass the value (and see the data):
Select ('user_env_vals', cName) sys_context in double v_var_char;

Try to do the following and context_info.count = 0, info_count = 0:
DBMS_SESSION. LIST_CONTEXT (context_info,
info_count);

What I am doing wrong?

Thank you!
I expect to see a list of all names/attributes of the created context workspaces

Maybe it's enough just to query the tables of two dictionary
```
select * from session_context
/
select * from global_context
/
```
?

Help Wanted on Sys_context
They told me that when we use the context, does a link for the next call sql performs a soft analysis

create or replace function fn_temp (AB in NUMBER)
RETURN VARCHAR2 IS
V VARCHAR2 (100);
V1 NUMBER (1);
X 1 VARCHAR2 (100);
Start
V: = 'SELECT MODEL WHERE DOUBLE D1 = 1';
V1: = AB;
DBMS_SESSION.set_Context ('p1_cont', 'v_value", V1);
V: = REPLACE (V, 'D1', SYS_CONTEXT ('p1_cont', 'v_value'));
DBMS_OUTPUT. PUT_LINE (V);
IMMEDIATELY RUN V IN X 1;
DBMS_OUTPUT. PUT_LINE (X 1);
RETURN X 1;
end;

create or replace context p1_cont using fn_temp;

Select sql_id, prev_sql_id from v$ session where upper (program) like '% of TOAD' AND OSUSER = "prnarvek."

SELECT fn_temp (2) FROM DUAL

SELECT fn_temp (1) FROM DUAL

Select * from v$ sqlarea where UPPER (SQL_TEXT) AS "SELECT DUMMY FROM DUAL % ';
SQL_TEXT SQL_ID

SELECT a MODEL where DOUBLE 1 = 2 3as9g8xuqc4qc
SELECT a MODEL where DOUBLE 1 = 1 6f1m2mcgc88mt

So, what is the context? Or told me wrong or I m a bad thing...
Hello

in your procedure, you change the value of sys_context. Your call to c1 should look like at the end:
```
SELECT DUMMY FROM DUAL WHERE 1 = sys_context('p1_cont','v_value');
```
In this way he uses it as a bindvariable. So, in your procedure you replace, you need some additional quotes, if you replace the string, not the value.

Herald tiomela
htendam.WordPress.com

Problem in DBMS_SESSION. SET_CONTEXT

Similar Questions

Maybe you are looking for