Oracle Real Application Security (RAS)
Version 12.1.0.2

General Information
Library Note Morgan's Library Page Header
For how many years have you been working with physical servers that are starving your database of the memory necessary to deploy important new performance features such as the Result Cache, Memoptimize Pool, In-Memory Aggregation, In-Memory Column Store, and Full Database Caching? Too long? Contact me to learn how to improve all queries ... not just some queries.
Purpose  
Dependencies
DBA_ACL_NAME_MAP DBA_XDS_ACL_REFRESH DBMS_XS_PRINCIPALS
DBA_HOST_ACLS| DBA_XDS_ACL_REFSTAT DBMS_XS_SESSIONS
DBA_NETWORK_ACLS DBA_XDS_LATEST_ACL_REFSTAT XS$ACE_TYPE
DBA_NETWORK_ACL_PRIVILEGES DBA_XS_ACLS DBMS_XS_SESSIONS_FFI
DBA_WALLET_ACLS DBA_XS_ACL_PARAMETERS  
RAS Functions
RAS Packages
DBMS_XS_SESSIONS XS_DATA_SECURITY XS_NAMESPACE
XS_ACL XS_DATA_SECURITY_UTIL XS_PRINCIPAL
XS_ADMIN_UTIL XS_DIAG XS_SECURITY_CLASS
 
RAS Functions
COLUMN_AUTH_INDICATOR
Checks whether the specified table column is authorized on a particular table row
COLUMN_AUTH_INDICATOR(col) RETURN BOOLEAN;
TBD
ORA_CHECK_ACL

Checks whether an application user has the queried application
privileges according to a list of ACLs
ora_check_acl(XS_Operator IN HEX_NUMBER, arg2, arg3) RETURN BOOLEAN

ORA_CHECK_ACL(
acls IN RAW,
(privileges IN VARCHAR(128))+)
return NUMBER;
SELECT ora_check_acl(2147483661,  2147483653, NULL) FROM dual;
                     *
ERROR at line 1:
ORA-00932: inconsistent datatypes: expected BINARY got NUMBER
ORA_CHECK_PRIVILEGE

Checks whether the specified system privileges have been
granted to an application user

As can be seen in the demo at right I was unable to find a valid combination that would return a 1
ora_check_privilege(
arg1 IN VARCHAR2,
arg2 IN VARCHAR2)
RETURN NUMBER;
SELECT ora_check_privilege('SYS', 'CREATE TABLE') FROM dual;

SELECT ora_check_privilege('CREATE TABLE', 'SYS') FROM dual;

SQL> SELECT ora_check_privilege('A', 'B', 'C', 'D','E','F','G','H')
  2  FROM dual;

ORA_CHECK_PRIVILEGE('A','B','C','D','E','F','G','H')
----------------------------------------------------
                                                   0
ORA_GET_ACLIDS

Returns a list of ACL identifiers associated with an object instance of the
XDS-enabled tables for the current application user
ORA_GET_ACLIDS (
table_alias IN VARCHAR2,
privileges  IN VARCHAR(128))+)
RETURN RAW;
This example on page 10-4 of the docs is nonsense
TO_ACLID

Appears able to converts an unknown value, possibly an ACL name to an ACL_ID but, as in the demo at right, I can prove the
function exits but not get it working properly
to_aclid(<arg> IN VARCHAR2) RETURN VARCHAR2;
SELECT to_aclid(name)
FROM xs$obj;
FROM xs$obj
     *
ERROR at line 2:
ORA-46114: ACL name XSAUTHENTICATED not found.

TO_ACLID(
(acls IN VARCHAR(128))+)
return NUMBER;
XS_SYS_CONTEXT (Introduced 11.1.0.6)

Retrieves the session attributes and the XS$GLOBAL_VAR namespace
attribute for the current application session
xs_sys_context(
namespace IN VARCHAR2
attribute IN VARCHAR2)
RETURN VARCHAR2;
SQL> DECLARE
2 sessID RAW(64); 3 BEGIN 4 dbms_xs_sessions.create_session('MORGAN', sessID, is_external=>TRUE); 5 dbms_output.put_line(sessID); 6* END; SQL> / 1E72B33ED6E040AEAFB4896F81582932 SELECT xs_sys_context('XS$SESSION', 'SESSION_XS_USER_GUID')
FROM dual;

SELECT xs_sys_context('XS$SESSION', 'SESSION_ID')
FROM dual;

Related Topics
DBMS_METADATA
DBMS_XS_PRINCIPALS
DBMS_XS_SESSIONS
DBMS_XS_SESSIONS_FFI
DBMS_XS_SYSTEM
DBMS_XS_SYSTEM_FFI
DBMS_XS_SIDP
DBMS_XS_SYSTEM
DBMS_XS_SYSTEM_FFI
Packages
XS_ACL
XS_ACL_INT
XS_ADMIN_UTIL
XS_DATA_SECURITY
XS_DATA_SECURITY_UTIL
XS_DIAG
XS_DIAG_INT
XS_NAMESPACE
XS_PRINCIPAL
XS_SECURITY_CLASS
What's New In 12cR1
What's New In 12cR2

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2019 Daniel A. Morgan All Rights Reserved