DBA_NETWORK_ACL_PRIVILEGES describes the network privileges defined in all access control lists that are currently assigned to network hosts.
Column | Datatype | NULL | Description |
ACL | VARCHAR2(4000) | | Path of the access control list |
ACLID | RAW(16) | NOT NULL | Object ID of the access control list |
PRINCIPAL | VARCHAR2(4000) | | Principal (database user or role) whom the privilege is granted to or denied from |
PRIVILEGE | VARCHAR2(7) | | Network privilege |
IS_GRANT | VARCHAR2(5) | | Indicates whether the privilege is granted (true) or denied (false) |
INVERT | VARCHAR2(5) | | Indicates whether the access control entry contains invert principal (true) or not (false) |
START_DATE | TIMESTAMP(9) WITH TIME ZONE | | Start date of the access control entry |
END_DATE | TIMESTAMP(9) WITH TIME ZONE | | End date of the access control entry |
Note:
1. There are two data dictionary views related to ACLs: DBA_NETWORK_ACLS and DBA_NETWORK_ACL_PRIVILEGES. ACLs are stored in XML DB, which must be installed before ACLs can be used. Creating an ACL takes two steps. The first step is to create the ACL itself and define privileges for it:
BEGIN
  DBMS_NETWORK_ACL_ADMIN.CREATE_ACL (
    acl         => 'file_name.xml',
    description => 'file description',
    principal   => 'user_or_role',
    is_grant    => TRUE,        -- TRUE to grant, FALSE to deny
    privilege   => 'connect',   -- 'connect' or 'resolve'
    start_date  => NULL,        -- NULL or a TIMESTAMP WITH TIME ZONE value
    end_date    => NULL);       -- NULL or a TIMESTAMP WITH TIME ZONE value
END;
/
The second step is to assign network hosts to the ACL:
BEGIN
  DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL (
    acl        => 'file_name.xml',
    host       => 'network_host',
    lower_port => NULL,         -- NULL or a port number
    upper_port => NULL);        -- NULL or a port number
END;
/
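An audit query over the two views named above, added here as an example and not part of the original post: it lists the grant entries that are in effect now, together with the hosts and ports each one covers, and labels the entries worth a closer look. It assumes DBA_NETWORK_ACLS exposes HOST, LOWER_PORT, UPPER_PORT and ACLID (columns not listed on this page); the review labels are this example's own, and deny entries are left out rather than resolved against the grants.

```sql
-- Added example: which principals may reach which hosts right now.
SELECT p.principal,
       p.privilege,
       a.host,
       a.lower_port,
       a.upper_port,
       p.acl,
       p.start_date,
       p.end_date,
       -- Concatenate every reason that applies; NULL when nothing stands out.
       RTRIM(
            CASE WHEN p.principal = 'PUBLIC'
                 THEN 'PUBLIC principal; ' END
         || CASE WHEN LOWER(p.invert) = 'true'
                 THEN 'inverted principal; ' END
         || CASE WHEN a.host = '*' OR a.host LIKE '*.%'
                 THEN 'wildcard host; ' END
         || CASE WHEN p.privilege = 'connect' AND a.lower_port IS NULL
                 THEN 'no port restriction; ' END,
         '; ') AS review_reason
FROM   dba_network_acl_privileges p
JOIN   dba_network_acls a
       ON a.aclid = p.aclid                 -- one row per host assignment
WHERE  LOWER(p.is_grant) = 'true'           -- grant entries only
AND    (p.start_date IS NULL OR p.start_date <= SYSTIMESTAMP)
AND    (p.end_date   IS NULL OR p.end_date   >= SYSTIMESTAMP)
ORDER  BY review_reason NULLS LAST, p.principal, a.host, a.lower_port;
```

Rows with a non-null review_reason sort first; an ACL that has privileges defined but no host assigned does not appear, because the view only covers ACLs currently assigned to network hosts.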