General Information
Library Note
Morgan's Library Page Header
Which has the higher priority in your organization: Deploying a new database or securing the ones you already have?
Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx .
Purpose
Real Application Security Role Set Management
AUTHID
DEFINER
Data Types
???
Dependencies
PLITBLM
XS$ROLESET_ROLES
XS_ADMIN_UTIL
XS$NAME_LIST
XS_ADMIN_UTIL
XS_ROLESET
XS$ROLESET
Documented
No
First Available
2009
Security Model
Owned by SYS with no privileges granted
Source
{ORACLE_HOME}/rdbms/admin/prvtxsrs.plb
Subprograms
ADD_ROLES
Adds a role to a role set
Overload 1
xs_roleset_int.add_roles(
role_set IN VARCHAR2,
role IN VARCHAR2);
exec xs_roleset_int.add_roles ('UW_RAS_ROLESET', 'XS_CACHE_ADMIN');
PL/SQL procedure successfully completed
Overload 2
xs_roleset_int.add_roles(
role_set IN VARCHAR2,
role_list IN XS$NAME_LIST);
DECLARE
nList sys.xs$name_list;
BEGIN
nList := sys.xs$name_list('');
nList(1) := 'XS_CONNECT';
nList.extend;
nList(2) := 'XS_SESSION_ADMIN';
xs_roleset_int.add_roles ('UW_RAS_ROLESET', nList);
END;
/
PL/SQL procedure successfully completed.
CREATE_ROLESET
Roleset creation API
xs_roleset_int.create_roleset(
name IN VARCHAR2,
role_list IN XS$NAME_LIST := NULL,
description IN VARCHAR2 := NULL);
exec xs_roleset_int.create_roleset ('UW_RAS_ROLESET');
PL/SQL procedure successfully completed
DELETE_ROLESET
Delete a role set
xs_roleset_int.delete_roleset(role_set IN VARCHAR2);
exec xs_roleset_int.delete_roleset ('UW_RAS_ROLESET');
PL/SQL procedure successfully completed
REMOVE_ROLES
Remove all roles from a role set
Overload 1
xs_roleset_int.remove_roles(role_set IN VARCHAR2);
exec xs_roleset_int.remove_roles ('UW_RAS_ROLESET');
PL/SQL procedure successfully completed
Remove a single role from the role set
Overload 2
xs_roleset_int.remove_roles(
role_set IN VARCHAR2,
role IN VARCHAR2);
exec xs_roleset_int.remove_roles ('UW_RAS_ROLESET', 'XS_CACHE_ADMIN');
Remove a list of roles from the role set
Overload 3
xs_roleset_int.remove_roles(
role_set IN VARCHAR2,
role_list IN XS$NAME_LIST);
DECLARE
nList sys.xs$name_list;
BEGIN
nList := sys.xs$name_list('');
nList(1) := 'XS_CONNECT';
nList.extend;
nList(2) := 'XS_SESSION_ADMIN';
xs_roleset_int.remove_roles ('UW_RAS_ROLESET', nList);
END;
/
PL/SQL procedure successfully completed.
SET_DESCRIPTION
Set roleset's description
xs_roleset_int.set_description(
role_set IN VARCHAR2,
description IN VARCHAR2);
exec xs_roleset_int.set_description ('UW_RAS_ROLESET', 'RAS Roleset');
PL/SQL procedure successfully completed.
SQL> SELECT * FROM XS$ROLESET_ROLES;
RSID# ROLE#
---------- ----------
2147493729 2147493730
col ctime format a30
col mtime format a30
col description format a30
SELECT * FROM xs$roleset;
RSID# CTIME MTIME DESCRIPTION
---------- ---------------------------- ---------------------------- -----------
2147493729 24-FEB-21 02.49.32.643930 AM 24-FEB-21 03.05.36.818089 AM RAS Roleset