Security :: How To Implement RLS Policy Of Oracle

Apr 28, 2011

I have tried to implement RLS policy of oracle.I have two Schema X1 & X1_DBA.

I have created the emp table in X1_DBA create table emp(empid number,ename varchar2(10),deptno number) and inserted some rows into the Table. i have created the below function in X1_DBA schema & Given Select Privilege to X1.

CREATE OR REPLACE FUNCTION no_dept10(
p_schema IN VARCHAR2,
p_object IN VARCHAR2)
RETURN VARCHAR2

[code]...

When i Add the Policy in X1_DBA.schema i am getting the Error as Table does not exist

SQL> BEGIN
2 DBMS_RLS.add_policy
3 (object_schema => 'X1',
4 object_name => 'EMP',

[code]...

ORA-00942: table or view does not exist
ORA-06512: at "SYS.DBMS_RLS", line 20
ORA-06512: at line 2

View 7 Replies


ADVERTISEMENT

Security :: How To Edit Created Policy (Virtual Private Database)

Mar 28, 2012

I Created the Security Policy as user sysadmin_vpd as follows

BEGIN
DBMS_RLS.ADD_POLICY (
object_schema => 'scott',
object_name => 'orders_tab',
policy_name => 'orders_policy',
function_schema => 'sysadmin_vpd',
policy_function => 'get_user_orders',
statement_types => 'select');
END;

After creation this policy I want to view & edit them.By default where they are saved.

View 3 Replies View Related

Security :: Virtual Private Database Update Policy On Complex Views

Aug 21, 2013

1)I have created a complex view, and created an instead of trigger on this view

example:

create or replace trigger tr_x instead of before update on test_view_name for each row
-------
2) I have created an update policy on this view

DBMS_RLS.ADD_POLICY (
object_schema := schema_name,
object_name := name of the view,
policy_name := ploicy name,
function_schema := func schema name,
policy_function := pkg_test.fn_get_where,
statement_types := 'UPDATE',
update_check := TRUE,
policy_type := dbms_rls.dynamic);

3) function pkg_test.fn_get_where, which is used in the policy function always return 1 = 2, so that update should fail.

4) Now I will issue an update statement on the view test_view_name

update test_view_name set test_col = 1;

but still it updates the records, though update policy returns the where cluse 1 = 2

same where clause for select policy works perfectly fine.

View 4 Replies View Related

Security :: How To Implement Row And Column Level Vpd Simultaneously

May 4, 2011

--here's my set up

CREATE USER schemaowner IDENTIFIED BY schemaowner
DEFAULT TABLESPACE users TEMPORARY TABLESPACE temp;
GRANT connect, resource TO schemaowner;

CREATE USER user1 IDENTIFIED BY user1
DEFAULT TABLESPACE users TEMPORARY TABLESPACE temp;
GRANT connect, resource TO user1;

[Code] .....

my desired outcome for user 1

user1> select * from schemaowner.user_data;
user_id column1
1 USER1

my desired outcome for user2 are as follow:

user1> select * from schemaowner.user_data;
user_id column2
2 TESTER 2

the nearest solution is from with reference to [URL]

Quote:
Adding Policies for Column-Level VPD
....

SELECT ENAME, d.dname, JOB, SAL, COMM from emp e, dept d
WHERE d.deptno = e.deptno;

the database returns a subset of rows as follows:

ENAME DNAME JOB SAL COMM
-------------- -------------- ------------ ------------ -------------
ALLEN SALES SALESMAN 1600 300
WARD SALES SALESMAN 1250 500
MARTIN SALES SALESMAN 1250 1400
BLAKE SALES MANAGER 2850
TURNER SALES SALESMAN 1500 0
JAMES SALES CLERK 950

so how do I implement roll level and column level simultaneously?

View 3 Replies View Related

SQL & PL/SQL :: Oracle Virtual Private Database Policy

Mar 31, 2012

I created policy as follow.

BEGIN
DBMS_RLS.ADD_POLICY (
object_schema => 'scott',
object_name => 'orders_tab',
policy_name => 'orders_policy',
function_schema => 'nisadmin_vpd',
policy_function => 'get_user_orders',
statement_types => 'select');
END;
/

After the creation of this policy for the table when I select the table Orders_tab then getting the below error.

ORA-00904: "ORA_ROWSCN": invalid identifier

When I dropped this policy then I can see the records of Order_tab table.

View 3 Replies View Related

Security :: Oracle 11G And Advanced Security / FIPS 140-2 Compliant Encrypt Data At Rest

Dec 26, 2012

Any documentation supporting Oracle 11G and Advanced Security stating encryption at rest is FIPS 140-2 compliant?

View 3 Replies View Related

Forms :: How To Implement MS Excel SUM IF Function In Oracle

Dec 24, 2010

I am trying to translate some input data given in MS Excel into Oracle Forms. The Excel sheet consists of usage of the SUMIF() to calculate the values. I am struggling to implement this in Oracle Forms.

I am attaching a screenshot with some sample data set to explain my problem in detail.

View 6 Replies View Related

Security :: Moving Application Security To Oracle From Sybase

Aug 18, 2010

In Sybase, my application was using system tables to perform application login security. Those tables obviously don't exist in Oracle. I am looking for ways to provide the following functionality in an Oracle world:

1. How to determine 'x' days of inactivity based on "last login date"?

2. How to determine when a new user logs in for the first time and force them to change their password?

3. If we need to reset a users password, how can we require the user to change their password?

4. Is there any other option other than storing a user-id/password in the application code for locking a user's account if their account needs to be locked due to inactivity?

5. In the USER_USERS view there is a status column. What the different status's can be?

View 3 Replies View Related

Implement Custom Logic On Button In Oracle CRM On Demand

Jun 25, 2013

we wanted to know the approach of how to implement our custom logic through button click (which is vanilla) in Oracle CRM on Demand

View 1 Replies View Related

Group Policy In VPD

Jun 19, 2013

Give me some examples of creating grouped in VPD .

Group policy example for
1) Grouped policy on same table for different columns
2) Grouped policy on two different table for different columns

View 1 Replies View Related

Sparing Archived Redo Logs From Retention Policy?

Oct 4, 2010

I'm running Oracle 9i on AIX 5.2. I'm not using a recovery catalog, nor am I using media management software. I perform a full, online rman backup of the database and archived redo logs daily to disk, then use operating system commands to copy the backup to tape. There is only space on disk for two days' backups, so I need to have a retention policy of "redundancy = 1", and run a "delete obsolete" prior to the backup. The problem is that I don't want to subject the archived redo logs to this retention policy.

I have two physical standby databases connected by WAN to the primary site, and I might need archived redo logs that are a few days (or more) old in the event of a prolonged WAN outage. I've read about the "keep forever" option, but apparently it isn't available without using a recovery catalog. Is there any way to spare the archived redo logs from my retention policy?

Note: I want to "protect" the actual archived redo logs from the retention policy, not the backups of the archived redo logs.

View 3 Replies View Related

RMAN :: Restoring Backup From Tape Beyond Retention Policy?

Nov 7, 2013

How we can use RMAN backup to restore oracle database when the RMAN backup pushed to tape already and being a OLD backup ( before retention policy date).Just to elaborate a more..  Say my retention policy is 3 days. I want to restore from a old backup  like 30 days old.So surely the requesting backup is behind retention date and has been pushed to tape.

View 1 Replies View Related

Backup & Recovery :: RMAN - Archivelog Deletion Policy Not Working?

Oct 4, 2012

I'm on a Windows server 2003 R2 64 bit, database is 11.1.0.7. From RMAN connected to the target and the catalog, this is a show all;

RMAN> show all;

RMAN configuration parameters for database with db_unique_name ORCL are:

CONFIGURE RETENTION POLICY TO RECOVERY WINDOW OF 3 DAYS;
CONFIGURE BACKUP OPTIMIZATION OFF;
CONFIGURE DEFAULT DEVICE TYPE TO DISK;
CONFIGURE CONTROLFILE AUTOBACKUP ON;
CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO 'F:oracleadmin

[code]....

I'm running incremental backups, a level 0 on sunday and a level 1 the other days of the week, this is the ctl file:

LEVEL 0:
connect target /@ORCL
connect catalog rman/rmanpw@rmancat
RUN
{

[code]....

The level 0 does delete the archive logs (because of the delete input). Each backupset has two copies of the archive logs (which is what I want), and I expected the logs to be deleted after being backed up 2 days (each day is twice, 2 days = 4 times). But it's not deleting the logs, even after 6 runs.

View 4 Replies View Related

Data Guard :: Configure Archivelog Deletion Policy To Applied On Standby

Nov 16, 2012

I have a DR setup with the following configuration

CONFIGURE RETENTION POLICY TO RECOVERY WINDOW OF 30 DAYS;
CONFIGURE BACKUP OPTIMIZATION OFF; # default
CONFIGURE DEFAULT DEVICE TYPE TO DISK;
CONFIGURE CONTROLFILE AUTOBACKUP ON;
CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '%F'; # default
CONFIGURE DEVICE TYPE DISK PARALLELISM 1 BACKUP TYPE TO BACKUPSET;
CONFIGURE DATAFILE BACKUP COPIES FOR DEVICE TYPE DISK TO 1; # default
CONFIGURE ARCHIVELOG BACKUP COPIES FOR DEVICE TYPE DISK TO 1; # default
CONFIGURE MAXSETSIZE TO UNLIMITED; # default
CONFIGURE ENCRYPTION FOR DATABASE OFF; # default
CONFIGURE ENCRYPTION ALGORITHM 'AES128'; # default
CONFIGURE COMPRESSION ALGORITHM 'BASIC' AS OF RELEASE 'DEFAULT' OPTIMIZE FOR LOAD TRUE ; # default
CONFIGURE ARCHIVELOG DELETION POLICY TO APPLIED ON STANDBY

I dont want to backup the STDBY DB but I want the ARC files to be removed when applied so my flash area does not fill up. Is there some command(rman or not) that can fire off this policy?

View 6 Replies View Related

Security :: How To Configure Oracle EM With Newly Created Oracle Instance On 10g DB

Dec 11, 2012

How to configure Oracle EM with newly created Oracle Instance on Oracle 10g DB,which is Single Instance DB but not RAC ,when I start the Oracle EM it is starting the default DB which created during Oracle Server Installation.

View 0 Replies View Related

Security :: Enhance Security Of Windows And Recover Lost / Forgotten Password?

Nov 16, 2010

Lost Windows password? Forgot Windows password? Your PC was hacked? Therefore, it is a basic step for every Windows users to enhance the security of Windows password. In the networks, it is found that a number of user's passwords are easy to guess. Only the smallest groups are the most security conscious and select passwords that are mixed lowercase and uppercase letters, numbers and punctuation to create cryptic passwords. Adopting strong password is one of the most effective ways to ensure system security. Here are several methods for you to enhance the security of your passwords in Windows 7/2000/XP/Vista and so on. You'd better remember the methods below unless you want to reset Windows password from time to time.

1. Is random password a great password?

A common myth is that totally random passwords like Ht3&e#L%5d@$B are the best passwords. This is not true. While they may be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are strong but much easier to remember by using a few simple techniques. For example, consider the password "Luck-73@Better?". This password utilizes uppercase and lowercase letters, two numbers, and three symbols. The password is 15 characters long and can be memorized with very little effort. Moreover, this password can be typed very fast. The portion"Luck" and "Better" alternate between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you.

2. Create the long Windows password

Although a password may eventually be discovered through some means, it is possible to create a password that cannot be cracked in any reasonable time. If a password is long enough, it will take so long or require so much processing power to crack it. That is essentially the same as being unbreakable (at least for most hackers).

3. Create the Windows password constantly?

This may be good advice for some high-risk passwords, but it is not the best policy for every user. It is frustrating for a user to have to constantly think of and remember new passwords every 30 days. It may be better to focus on stronger passwords and better user awareness rather than limiting password age. A more realistic time for the common user may be 90-120 days.

4. Write down Windows password in a proper place

Sometimes it is necessary for some users losing and forgetting complex passwords easily to write down them somewhere proper. However, it is important to educate users on how to write down passwords properly. Obviously, a sticky note on the monitor is not a good idea, but storing passwords in a safe or even a locked cabinet may be sufficient.

5. 14 characters is the optimal password length

Each character that you add to your password increases the protection. Your passwords should be 8 or more characters in length; 14 characters or longer is the Optimal Password Length. Many systems also support use of the space bar in passwords, so you can create a phrase made of many words. It is not easier to forget and lose, as well as longer than a simple password, and harder to guess.

6. Try not to use the same Windows password for all accounts

Some users always make the same passwords for every account to make it easy to remember. In that case, when any one of them lost, your other information protected by that password will be in danger as well. It is serious to use different passwords for different systems and accounts.

7. Do not use some common words that other users maybe guess

Most of users prefer to use some common words to remember easily, for example, login name, birth date, driver's license, passport number, pets' name and other words contained their personal information someone knows. In that case, your Windows system will not be safe anymore. Moreover, do remember not to use some words spelled backwards, abbreviations, sequences or repeated characters and adjacent letters, such as, asdfgh, 123456, 888888, abcdef and so on.

You can smoothly use your Windows now because the strong and powerful Windows password is created successfully, Certainly, I believe that many users lost Windows password and forgot Windows password, then you need have to reset Windows password or recover Windows password. It is a big problem for plenty of Windows users that how to reset Windows password. how to recover Windows password and they are puzzled by resetting windows password, for instance, reset Windows 7 password, recover password Windows XP, remove Windows Vista password and other operating systems after they create the password with complex letters, numbers and symbols. However, it is unnecessary to worry and it is said that things will eventually sort themselves out. There are many ways to reset forgotten Windows password, including use windows password reset disk and windows password reset software, like Super Windows Password Reset, a professional windows password reset software which could enable you to logon to Windows smoothly without reinstalling system.

View 1 Replies View Related

SQL & PL/SQL :: Implement In Indexing?

Apr 12, 2013

what is the best practice to implement in Indexing,is it global indexing or local indexing, I would like implement one of them in object that has been partitioned horizontally.i dont know exactly what to make of it.

View 9 Replies View Related

RAC & Failsafe :: How To Implement Non-RAC

Jan 12, 2013

We have an Implementation of Non-RAC (Single Instance with Existing ASM-RAC as storage) and below is the Details,

The client have a Real Application Cluster configuration on their AIX Server from there Data Center and they want to implement a Single instance Database that will used ASM as Storage and the storage or Disk that they want to use is the same Disk or Mirror copy of the Disk from their RAC Database.

Scenario:
-The AIX Server that they have is a one-way Hardware Mirroring (PPRC) only and it is not designed to run a 24/7 activity.
-DATAGUARD is not an option.

View 5 Replies View Related

SQL & PL/SQL :: How To Implement Inner View Query

Apr 19, 2011

SELECT
DISTINCT CUSTR.TRX_NUMBER trx_number,
CUSTR.TRX_DATE transaction_date,
(
SELECT
MAX(DECODE(fndcatusg.format,'H', st.short_text,NULL,st.short_text, NULL) )
FROM fnd_attachment_functions fndattfn,

[code]....

I have this above query i want to make this query like

SELECT
DISTINCT CUSTR.TRX_NUMBER trx_number,
CUSTR.TRX_DATE transaction_date,
CORRECTED_PROMISE_DATE
FROM
RA_CUSTOMER_TRX_ALL CUSTR

View 2 Replies View Related

Data Guard :: Implement On Same PC

Apr 5, 2010

I want to implement data guard on same PC.

View 1 Replies View Related

SQL & PL/SQL :: How To Implement Trigger After Update

Jan 13, 2011

SQL> CREATE OR REPLACE TRIGGER TRI_ABOVE_JOINTBOX
2 BEFORE UPDATE ON JOINT_BOX FOR EACH ROW
3 DECLARE
4 PRAGMA autonomous_transaction;
5 BEGIN
6 IF (:NEW.SCALE_X <> :OLD.SCALE_X) OR
7 (:NEW.SCALE_Y <> :OLD.SCALE_Y) THEN

[code]....

The above code is for the GIS project. When I am trying to implement the above trigger it is giving output in such a way that the joint box(which is point feature in the designed database) scale is fixed to 1 as written in the code,but it cannot be moved in the DGN(front end),this is because trigger is fired before update.

Actual intention is that the feature(joint box) need to move in the DGN then the trigger need to be fired so that then scale need to fixed to one even after changing.For that I implemented after update trigger in the above code,but then it is throwing error as

ORA-04084: cannot change NEW values for this trigger type. I guess this is because after update trigger cannot be implemented for bind variables old and new.

1.joint box can move in DGN(this can be acheived automatically if after implementing after update trigger).

2.after dragging in the DGN the scale to be fixed as 1.

View 2 Replies View Related

Security :: Oracle Gateways 11g

Jul 18, 2012

we have a oracle database version 11.2.0.1. now we have installed database gateways 11g in sql server machine and created db link in oracle and working fine

Now my question is:

Windows 2003 server having sql server and 11g Gateways installed

But oracle database is 10g............if i create link in Oracle it will work? because 11gR2 gateway will synch with Oracle 10g database.

View 0 Replies View Related

How To Implement Change Notification Database

Sep 3, 2013

how to implement change notification database in oracle forms?

I want to display some data to user،when change a table in database . now Can i do this work with change notification database in oracle form10g?

View 1 Replies View Related

Server Utilities :: SQL Loader - How To Implement

Jul 7, 2010

SQL Loader - How to implement/Best solution.

I have 3 tables with their columns:
- MASTER_TABLE - MASTER_ID, DATA;
- PARENT_TABLE_A - MASTER_ID, DATA;
- PARENT_TABLE_B - MASTER_ID, DATA.

And the file I need to import has lines like the ones below:

MMMASTER_TABLE1
PAPARENT_TABLE_A1
PBPARENT_TABLE_B1
MMMASTER_TABLE2
PAPARENT_TABLE_A2
PBPARENT_TABLE_B2
MMMASTER_TABLE3
PAPARENT_TABLE_A3
PBPARENT_TABLE_B3

The line means:

- 1 - M or P: indicates which table to insert: MASTER or PARENT;
- 2 - M or A or B: indicates MASTER, PARENT_A, PARENT_B;
- 3:18 - DATA.

Based on the values above, what I need to do is:

1. Load a line to MASTER_TABLE;
2. Load a line to PARENT_TABLE_A pointing to its relative line in MASTER_TABLE;
3. Load a line to PARENT_TABLE_B pointing to its relative line in MASTER_TABLE;
4. In the original file line, there is nothing I can use to join a MASTER line with a PARENT line.

The result would be:
MASTER_ID PARENT_DATA
1 PARENT_TABLE_A1
1 PARENT_TABLE_B1
2 PARENT_TABLE_A2
2 PARENT_TABLE_B2

I tried to use both: SEQUENCE and Sequence.NextVall (CurrVal) but they only work when using ROWS=1 and the file I need to load has millions of rows, so I need direct path loading.Also, I read about External Table, but it does not suit my needs because the Application server is not the same as Database server, which is needed by external tables.

in this case is better load the data to a temporary table and then insert to the other tables, I found almost the same question in the topic pointed by the link below: URL....

View 7 Replies View Related

Forms :: How To Implement Session Expiration In 6

Apr 20, 2010

How I can implement session expiration in form 6.

i.e. if the user is idle for a few minutes, I wish to present a message and then close the application.

View 5 Replies View Related

PL/SQL :: Implement Kerberos Authentication Protocol

Nov 23, 2012

Is there way implement Kerberos authentication protocol with PLSQL? I am consuming web service with utl_http, which implement only basic authentication and I was able to find implementation with PLSQL for NTLM. So I am wondering if there is a kerberos implementation.

View 0 Replies View Related

PL/SQL :: Implement Multi-threading From Procedure

Aug 23, 2012

whether it is possible to implement multi-threading in plsql?

we have a plsql procedure in our application which processes around 50 MM records per day. I am looking for options to implement multi-threading from the same procedure, so that work can be distributed across parallel threads/sessions and will finish processing faster.

View 4 Replies View Related

Security :: How To Enable Auditing In Oracle

Dec 8, 2011

How to enable auditing in oracle ?

View 2 Replies View Related

Security :: Oracle Password Encryption

Oct 10, 2011

While searching for password encryption I came across these statements.

1.Password Encryption While Connecting. This protection is always in force, by default. Passwords are always automatically and transparently encrypted during network (client/server and server/server) connections, using a modified DES (Data Encryption Standard) or 3DES algorithm, before sending them across the network.

Confirm whether by default oracle encrypts the password before sending it to the database across the network even when the clear text password is used for connecting from a jdbc client.

View 1 Replies View Related

Security :: Oracle Account Limitation

Oct 25, 2011

there is urge to limit account usability in oracle.

let's say i have request to create user HR1, and additional information is that this account should be available for using till 31-dec-2011. is there possibility to set this validity during creation?

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved