virtual private database / AUTHID DEFINE procedure

Hi all

quick question (11.2.0.3 EE): is the work of virtual private database (dbms_rls) as well as a procedure defined as AUTHID = DEFINE?

We have the following scenario:

The user is the owner of table AA (mandantid number, name varchar2 (20))
Data:
100, ABC
102, XYZ

User B has access to the table A.AA with RLS in place given the record of the 100, ABC only.
So far, this works fine.

There is now a procedure owned by b:
create or replace procedure BB AUTHID DEFINER is
     num     number;
begin
     select count(*) into num from A.AA;
     dbms_output.put_line('num='||to_char(num));
end BB;
/
Running the BB by B procedure returns 1 (correct)

Now, the part that problem:
There is another user X, calling the B.BB procedure. In fact, I thought, the procedure output would be 1, because it runs under DEFINE, but actually it's 0.

Why?

Thank you for any advice on this
Concerning
Christoph

The procedure runs with the privileges of B. But the SESSION_USER will always be X.

You could create an application with a package context to set this context, modify the political function to use the RUN_AS_USER (or whatever you want to call it) rather than the context USERENV SESSION_USER and have then your stored procedure fill the frame with a value of B.

Justin

Tags: Database

Similar Questions

  • Where is the virtual private database Option

    Apex 3.2, I could find in virtual private database option

    Shared components/security

    I now use Apex 4.2 and I can't find this option under

    Components/security shared or anywhere else.

    Where is he past?

    Gus

    Hello

    It is in the same place, but renamed in database Session

    http://docs.Oracle.com/CD/E37097_01/doc/doc.42/e35125/bldr_attr.htm#sthref738

    Kind regards

    Jari

  • Where is virtual private database (VPD)) contained in APEX

    Dear all

    I need to put the pl/sql code in the VPD (private virtual database (MEV)) section in the APEX .i have find each section using shared, but there is no section of the private virtual database (DPV).

    a cn guide me where it is?

    Thank you

    Apex 4.2:

    Components shared > Security > security attributes > Data Session > initialization code PLSQL Code PLSQL/cleanup. You can also get security attributes using the "Edit Application Properties" button and selecting the tab 'security '.

  • How to use Oracle Virtual Private Database (VPD) with EclipseLink JPA

    My project is obliged to use VPD in database to isolate access to data according to different user type. How can I use EclipseLink JPA with CAE? For example, how could I configure the server context of database for each database session? Thanks for any help.

    There is some information about the authentication proxy Oracle here,

    http://wiki.Eclipse.org/EclipseLink/examples/JPA/Oracle/proxy

    Use EVP would be very similar.

    ---
    James: http://www.eclipselink.org: http://en.wikibooks.org/wiki/Java_Persistence

  • Virtual private database

    Hi all
    Something that I've not met before. How do you enable VPD in oracle 10 g 2 (10.2.0.4)?

    I read some articles on the web where he speaks of the CAE, be involved in security, but I don't know to turn the function

    concerning

    Alan

    http://www.Symantec.com/connect/articles/Oracle-row-level-security-part-2

    lists the related data dictionary views.

  • (MEV) Virtual private database issue?

    Hi all

    I have a question about the DPV, I want to implement column-level security, senario is: (Oracle 9i, 10 g)

    TABLE
    =======

    CUSTOMER

    (cust_id, name, address, phone, e-mail) etc.

    There is a user "PIN" in which all objects are created and stored, and other users has the granting of rights through synonyms created on their schemes,

    My question is: all users can access / retrieves all the rows in the customer table, but they should not see the address fields and phone?, these 2 fields must be NULL for them, is it possible to implement this security through CAE policy?



    quick response would be appreciated.



    concerning


    Qamar

    Published by: qamarsyed on November 5, 2008 12:43

    In the same example, I created the function to exclude all the numbers of Department of DEPT table and I got what you're looking for. But according to your requirement, this function can be expensive.

    SQL> ed
    Wrote file afiedt.buf
    
      1  CREATE OR REPLACE FUNCTION pf_job (oowner IN VARCHAR2, ojname IN VARCHAR2)
      2  RETURN VARCHAR2 AS
      3    con VARCHAR2 (200);
      4  BEGIN
      5    con := 'deptno not in (select deptno from dept)';
      6    RETURN (con);
      7* END pf_job;
    SQL> /
    
    Function created.
    

    And here is the result of the other user.

    SQL> /
    
        DEPTNO      EMPNO ENAME             SAL       COMM
    ---------- ---------- ---------- ---------- ----------
            20       7369 SMITH
            30       7499 ALLEN
            30       7521 WARD
            20       7566 JONES
            30       7654 MARTIN
            30       7698 BLAKE
            10       7782 CLARK
            20       7788 SCOTT
            10       7839 KING
            30       7844 TURNER
            20       7876 ADAMS
            30       7900 JAMES
            20       7902 FORD
            10       7934 MILLER
    
    14 rows selected.
    
    SQL>
    
  • Remote procedures created on private Database links

    How to grant access to the role on the private synonym created in a schema of the remote procedure with private database links.

    We converted the public database links to the private sector. Please suggest me how to access the remote procedure and
    Grant access to the role.

    Thank you very much in advance.


    Its Urgent

    Its Urgent

    Why is it urgent for me to post the solution to your problem?

    acquired through ROLE privileges are NOT applicable within the named PL/SQL procedures.

    GRANT is the only way to gain privileges or ROLE

  • What are the solutions for remote use unauthorized computer via a virtual private network?

    Dell Dimension E310.  Windows XP. Professional.   "Media Center". 5 years old.  Stand alone computer.  Unsolicited 'demand' come across the screen for remote access.  Wallpaper, next to the clock, someone downloading of graphics file "Accelerator" without authorization.   Called internet provider.  They claim that they do not deal with the configuration of the virtual private network. Tech said there is more than one device connected to my computer!
    I went to "Computer management" and delete all except myself as a user and the administrator.  Obviously, too late as a person UNKNOWN has defined itself as "NT Authority\Authenticated Users".  Locked computer: would not recognize my password.
    Formatted drive / reinstalled windows.  Able to use the computer for "allocation of 7 days; my computer then froze again.  AT and T Tech indicates that UNKNOWN use of my computer and no recourse.  Are there solutions to the unauthorized use?

    Hello

    I suggest you post your question Forums Technet for assistance on this issue.

    Windows XP Service Pack 3 (SP3)

    http://social.technet.Microsoft.com/forums/en-us/itproxpsp/threads

  • (I am in China and on the front is partly in Chinese.) I use Astrill which is a virtual private network and the code of the Australia, but still the Mandarin appears.

    Dear Firefox support, I am in China, and the first page of my Firefox screen is partly in Chinese. I use Astrill which is a virtual private network and the code of the Australia, but still the Mandarin appears. I downloaded a new version 5, but the mandarin (and the associated statement bar) still come in Mandarin. How can I download a really English version?

    You can choose your language installation of this list: http://www.mozilla.com/firefox/all.html

  • I want to make a virtual private server using Windows, how can I do this?

    I have a hp Server Proliant DL380 in my personal data center running Windows Server 2003, now I want to configure it as a virtual private server, how can I do this?

    Hi Shandogar,

    Your question of Windows is more complex than what is generally answered in the Microsoft Answers forums. It is better suited for Windows Server on TechNet. Please post your question in the TechNet Windows Server forum.

    http://social.technet.Microsoft.com/forums/en/category/WindowsServer/

  • How to connect automatically to a virtual private network in Windows 7 to start upward

    How will automatically connect to a VPN in Windows 7 start upward as as I would like to set up a VPN connection to connect to my exchange account to collect & sync without having to manual when I start my laptop.  Thank you

    If you need to connect to a virtual private network in windows startup and that you do not want to have the thrust of the user to connect or enter the password follow these steps:
    (1) on the VPN connection screen, select 'save this user name and password for the following users.
    (2) select the "anyone who uses this computer" radio button
    3) click 'Properties' on the screen of VPN connection
    (4) on the 'Options' tab, uncheck the box:
    -Display progress while connecting.
    ' Prompt name and password, certificate, etc. ".
    (5) in Windows Explorer, navigate to C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    (6) open a new Windows Explorer and navigate to control network connections
    (7) drag the icon of your VPN connection to the startup folder. This will create a shortcut

    Now at Windows startup, the spear and connect silently.

  • Questions of Virtual Private Network (VPN) connection

    OK I did some research on the private network connections, and I have a few questions:

    • Is it true that a connection to a vpn is possible thanks to a transport to a Wi - fi (I want to connect to a network non - bes)?
    • As far as I know, you can connect to a vpn only if create you a vpn manually account via the phone options menu. Is it possible to programmatically create the connection without having to manually create the profile?
    • This connection can be established via a proxy server?
    • Any article or the sample code will be really appreciated

    BlackBerry Smartphones have supported integrated to connect through a VPN using WiFi.  Other transport routes are not supported out of the box for this.

    There is no way to programmatically configure a VPN.  Virtual private networks can be configured on a BlackBerry Enterprise Server and pushed to users.

    BlackBerry Enterprise Server is able to connect through a proxy server.  All of the BlackBerry Java API does not include API to manage proxy communications.

  • What book to review Cisco Secure Virtual Private Networks?

    Hello

    I want to prepare for the Cisco Secure Virtual Private Networks (642-511) exam.

    Can someone tell me what is the book of CiscoPress recommended to pass this test?

    Thank you.

    Hello

    Well, Cisco offers a good game that allow you to a tour of the fast configuration of the VPN 3000 Concentrator, logon to:

    Cisco certifications-> games community-> Cisco Secure volunteer

    Sound of running a tour so that your actions are limited, but this will give you an overview of GUI.

    I hope this will help

  • Difficulty accessing the virtual private network (VPN) to run on VMware Fusion

    I use Mac OS X 10.5.6 with VMware Fusion 2.0.1.  I am running Windows XP Professional 2002 with service pack 3 and the 5.0.01.0600 Cisco VPN client.  I couldn't connect to my home institution, even if the Mac has no problem making this connection on the same server using a client provided Cisco VPN.

    I tried bridged and NAT connections.   For packed I put the XP network settings to DHCP and of course, he is able to get on the internet.  It detects the VPN server, but the client does not let me enter a password.  Only a single character is accepted.  For the NAT settings, I used normal settings for the XP operating system I internal thought Windows communication would be tunnel by the VPN connection on my Mac.  But I can say that it does not work.

    I prefer to use the NAT connection if possible as this seems the right way to do it and should be more simple.  Any thoughts?

    Jan

    I think that there is a good chance of your router only supports 2 connections to the same VPN at the same time, and that's why you can't have the Mac and the VM connected at the same time.  According to your needs I think you only need one or the other connected at a given time.  When the Mac is connected you can access VPN network resources by placing the virtual machine mode NAT network.  When the Mac is not connected, then run the VM in bridged mode and VPN with only the virtual machine.

    I run 2 Windows XP Pro SP3 machines virtual enough daily, each connected to a different VPN.  My Mac is not connected to a virtual private network (and does not need to).  This configuration allows to my Mac to access local network resources and the virtual machines to do everything that is required through the VPN.  I am running customer Cisco 4.6.x on a virtual machine and a client owner on the other.

  • Data loss Virtual Center Database migration sql 2000 2005

    Hi, (sorry for my bad English)

    I moved the db installation remote sql 2000 Server remote sql 2005. I basically followed these steps:

    To migrate a database from the server vCenter 2.5 of SQL Server 2000 to SQL Server 2005:

    1. stop the vCenter Server service.

    2. stop the vCenter on SQL Server 2000 database.

    3 take a backup full database vCenter.

    4 copy the backup of the database to SQL Server 2005 host.

    5. create a new database on SQL Server 2005.

    6. restore the backup SQL 2000 vCenter database to the newly created database.

    7 correct permissions (same account, same password) see KB6565318

    8 native ODBC SQL connection change

    9. perform a change/repair Panel vCenter & gt; Add/Remove programs.

    10 in the Repair Wizard, I select custom and choose the newly created in SQL Server 2005 database.

    11 the authentication type used on SQL 2005 is the same as that used on SQL 2000.

    the license screen has an option box that says "I want to evaluate the product first," Setup does not correctly recognize the previous VirtualCenter database. » ???

    Now I can access the BDD via ODBC, and I am able to start the VC service. However, when I opened the client - I SEE NOTHING. Everything is gone. Totally empty. The data is still there well. I can go in sql 2005 and open the tables and see my hosts and virtual machines listed.

    Help, please.

    Thank you!

    I think that really there is a permission problem, but I'm not only deeply in SQL servers.

    Did you check for orphaned users?

    The permissions that are defined for the database of RESUMES?

    Kind regards

    Gerrit Lehr

    If you have found this or other useful information, please consider awarding points to 'Correct' or 'useful '.

Maybe you are looking for