Edit D:\app\Administrator\product\11.2.0\dbhome_1\oc4j\j2ee\oc4j_applications\applications\em\em\online_help\tdpsg\tdpsg_privileges010.htm
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=us-ascii" /> <meta http-equiv="Content-Style-Type" content="text/css" /> <meta http-equiv="Content-Script-Type" content="text/javascript" /> <title>Step 3: Create the Secure Application Role</title> <meta name="generator" content="Oracle DARB XHTML Converter (Mode = ohj/ohw) - Version 5.1" /> <meta name="date" content="2009-06-02T18:13:3Z" /> <meta name="robots" content="noarchive" /> <meta name="doctitle" content="Step 3: Create the Secure Application Role" /> <meta name="relnum" content="11g Release 2 (11.2)" /> <meta name="partnum" content="E10575-01" /> <link rel="copyright" href="./dcommon/html/cpyr.htm" title="Copyright" type="text/html" /> <link rel="stylesheet" href="./dcommon/css/blafdoc.css" title="Oracle BLAFDoc" type="text/css" /> <link rel="contents" href="toc.htm" title="Contents" type="text/html" /> <link rel="prev" href="tdpsg_privileges009.htm" title="Previous" type="text/html" /> <link rel="next" href="tdpsg_privileges011.htm" title="Next" type="text/html" /> <script src="./callback.js" type="text/javascript"></script> <noscript>Your browser does not support JavaScript. This help page requires JavaScript to render correctly.</noscript> </head> <body> <div class="zz-skip-header"><a href="#BEGIN">Skip Headers</a></div> <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%"> <col width="86%" /> <col width="*" /> <tr valign="bottom"> <td align="left"></td> <td align="center"><a href="tdpsg_privileges009.htm"><img src="./dcommon/gifs/leftnav.gif" alt="Previous" /><br /> <span class="icon">Previous</span></a> </td> <td align="center"><a href="tdpsg_privileges011.htm"><img src="./dcommon/gifs/rightnav.gif" alt="Next" /><br /> <span class="icon">Next</span></a></td> </tr> </table> <p><a id="CIHGAGDG" name="CIHGAGDG"></a><a id="TDPSG33233" name="TDPSG33233"></a></p> <div class="sect3"><!-- infolevel="all" infotype="General" --> <h1>Step 3: Create the Secure Application Role</h1> <a name="BEGIN" id="BEGIN"></a> <p>Now, you are ready to create the <code>employee_role</code> secure application role. To do so, you must log on as the security administrator <code>sec_admin</code>. <a href="tdpsg_privileges008.htm#CIHHIJCB">"Step 1: Create a Security Administrator Account"</a> explains how to create the <code>sec_admin</code> account.</p> <p class="orderedlisttitle">To create the secure application role: </p> <ol> <li> <p>Start SQL*Plus and log on as the security administrator <code>sec_admin</code>.</p> <pre xml:space="preserve" class="oac_no_warn"> SQLPLUS sec_admin Enter password: <span class="italic">password</span> </pre> <p>SQL*Plus starts, connects to the default database, and then displays a prompt.</p> <pre xml:space="preserve" class="oac_no_warn"> SQL> </pre> <p>For detailed information about starting SQL*Plus, see <a href="topicid:ADMQS0361">Starting SQL*Plus and Connecting to the Database</a>.</p> </li> <li> <p>Create the following secure application role:</p> <pre xml:space="preserve" class="oac_no_warn"> CREATE ROLE employee_role IDENTIFIED USING sec_roles; </pre> <p>The <code>IDENTIFIED USING</code> clause sets the role to be enabled (or disabled) only within the associated PL/SQL package, in this case, <code>sec_roles</code>. At this stage, the <code>sec_roles</code> PL/SQL package does not need to exist.</p> </li> <li> <p>Connect as user <code>OE</code>.</p> <pre xml:space="preserve" class="oac_no_warn"> CONNECT oe Enter password: <span class="italic">password</span> </pre> <p>If you receive an error message saying that <code>OE</code> is locked, then you can unlock the <code>OE</code> account and reset its password by entering the following statements. For greater security, do not reuse the same password that was used in previous releases of Oracle Database. Enter any password that is secure, according to the password guidelines described in <a href="tdpsg_user_accounts007.htm#BEICECGF">"Requirements for Creating Passwords"</a>.</p> <pre xml:space="preserve" class="oac_no_warn"> CONNECT sys/as sysdba Enter password: <span class="italic">sys_password</span> PASSWORD OE Changing password for OE New password: <span class="italic">password</span> Retype new password: <span class="italic">password</span> Password changed. CONNECT oe Enter password: <span class="italic">password</span> </pre></li> <li> <p>Enter the following statement to grant the <code>EMPLOYEE_ROLE</code> role <code>SELECT</code> privileges on the <code>OE.ORDERS</code> table.</p> <pre xml:space="preserve" class="oac_no_warn"> GRANT SELECT ON OE.ORDERS TO employee_role; </pre> <p>Do not grant the role directly to the user. The PL/SQL package will do that for you, assuming the user passes its security policies.</p> </li> </ol> <div class="helpinfonotealso"> <h2>Related Topics</h2> <p><a href="tdpsg_privileges006.htm#BABCDIBA">About Secure Application Roles</a></p> </div> </div> <!-- class="sect3" --> <!-- Start Footer --> <div class="footer"> <table class="simple oac_no_warn" summary="" cellspacing="0" cellpadding="0" width="100%"> <col width="86%" /> <col width="*" /> <tr> <td align="left"><span class="copyrightlogo">Copyright © 2006, 2009, Oracle and/or its affiliates. All rights reserved.</span><br /> <a href="./dcommon/html/cpyr.htm"><span class="copyrightlogo">Legal Notices</span></a></td> <td align="center"><a href="tdpsg_privileges009.htm"><img src="./dcommon/gifs/leftnav.gif" alt="Previous" /><br /> <span class="icon">Previous</span></a> </td> <td align="center"><a href="tdpsg_privileges011.htm"><img src="./dcommon/gifs/rightnav.gif" alt="Next" /><br /> <span class="icon">Next</span></a></td> </tr> </table> </div> <!-- class="footer" --> </body> </html>
Ms-Dos/Windows
Unix
Write backup
jsp File Browser version 1.2 by
www.vonloesch.de