Security :: Populating CLIENT_ID Column In DBA_AUDIT_SESSION
Apr 28, 2011
I'm running a 10.2.0.4 database with auditing enabled:
SQL> show parameter audit_trail;
NAME TYPE VALUE
------------------------------------ -------- -------------
audit_trail string DB, EXTENDED
I have auditing enabled for create session:
SQL> select audit_option, success, failure from dba_stmt_audit_opts;
AUDIT_OPTION SUCCESS FAILURE
---------------------------------------- ---------- ----------
CREATE SESSION BY ACCESS BY ACCESS
My problem is that when I run a report against DBA_AUDIT_SESSION, the CLIENT_ID column is never populated, it's always blank. I've tried running a trigger to populate the client_identifier variable:
create or replace procedure capture_module
as
begin
dbms_session.set_identifier(sys_context('userenv','module'));
end;
/
[code]....
And if I put an access trigger on a table and create an audit event, the CLIENT_ID column from DBA_AUDIT_TRAIL and DBA_COMMON_AUDIT_TRAIL both show the updated value (module), but no matter what, I never get the CLIENT_ID column in DBA_AUDIT_SESSION to show anything - it's always null.
I want to run a report against DBA_AUDIT_SESSION that will tell me who logged in, when they logged in and out, where they logged in from and the one thing I can't get - what module they were running (SQLplus, Toad, etc). Why can't I get the CLIENT_ ID column to take the value I'm setting with the logon trigger?
View 13 Replies
ADVERTISEMENT
Aug 23, 2012
When reviewing failed login attempts with this query:
SELECT username, os_username, userhost, terminal, to_char(timestamp,'dd-mon-rrrr hh:mi:ss')
FROM sys.dba_audit_session
WHERE returncode != 0
and trunc(timestamp) >= trunc(sysdate-1)
ORDER BY 5
I find some records for a username that does not exist. In any of my databases. I presume that if an attempt to a nonexistent user was made, it would be rejected before it gets to the db. But then again, a bad password would also be rejected.
View 1 Replies
View Related
Jun 27, 2011
create or replace function nothin
return int
as
type arr_type is table of departments.department_id%type index by binary_integer;
arr arr_type;
begin
select department_id into arr from departments;
return 4;
end;
It gives the error : Quote:expression 'ARR' in the INTO list is of wrong type I can't figure out why.
View 6 Replies
View Related
Jul 16, 2010
I have a field on a form which is not a database item. The value for this is got by concatenating 3 other fields which are database items but not visible on form. But when i am running the execute query to fetch results into these items I want to concatenate the value in those 3 DB fields and display it in the other non-db field at runtime.
View 2 Replies
View Related
Jul 25, 2012
My boss make a requirement in exist database as some user can view salary column at employment table by SQL and some user can view salary column at employment table by SQL.
The boss do not like to make changes front SQL. Ooracle 11g vault or Oracle Label Security is best for this requirement?
my oS is 2008 32 bit window and DB is 11.2.0.1
View 4 Replies
View Related
Sep 12, 2013
I'm writing a VPD function to be used for column masking. The predicate (WHERE-clause) it generates may take many different forms. In particular, it may contain inner-selects; for example,
"exists(select '*' from B where B.VAL = '123' and A.KEY = B.KEY)"
where A is the table that is associated to the VPD function, and B is some other table.
if this is OK for column masking? If not, my VPD function may sometimes work and sometimes fail, in unexpected ways.
The Oracle Database Security Guide (11g Release 1) says
Column-masking conditions generated by the policy function must be simple Boolean expressions, unlike regular Oracle Virtual Private Database predicates".
This seems to indicate that there are cases where a VPD function works for row-level security, but not for column masking.
an example of a 'regular Oracle VPD predicate' that doesn't work for column-masking?
View 5 Replies
View Related
May 4, 2011
--here's my set up
CREATE USER schemaowner IDENTIFIED BY schemaowner
DEFAULT TABLESPACE users TEMPORARY TABLESPACE temp;
GRANT connect, resource TO schemaowner;
CREATE USER user1 IDENTIFIED BY user1
DEFAULT TABLESPACE users TEMPORARY TABLESPACE temp;
GRANT connect, resource TO user1;
[Code] .....
my desired outcome for user 1
user1> select * from schemaowner.user_data;
user_id column1
1 USER1
my desired outcome for user2 are as follow:
user1> select * from schemaowner.user_data;
user_id column2
2 TESTER 2
the nearest solution is from with reference to [URL]
Quote:
Adding Policies for Column-Level VPD
....
SELECT ENAME, d.dname, JOB, SAL, COMM from emp e, dept d
WHERE d.deptno = e.deptno;
the database returns a subset of rows as follows:
ENAME DNAME JOB SAL COMM
-------------- -------------- ------------ ------------ -------------
ALLEN SALES SALESMAN 1600 300
WARD SALES SALESMAN 1250 500
MARTIN SALES SALESMAN 1250 1400
BLAKE SALES MANAGER 2850
TURNER SALES SALESMAN 1500 0
JAMES SALES CLERK 950
so how do I implement roll level and column level simultaneously?
View 3 Replies
View Related
Jun 12, 2012
I need encrypt column in the table (TDE) with 160 rows (PK) i'd like know what impact if i rn in time production this procedure. And as will be behavior the oracle database if this column is FK.
View 2 Replies
View Related
May 30, 2013
i have a column that contains 1 to 100 values but it has some missed data such as it does not has 50,45,34,23 etc..
so how could i find the missed data alone in a single query..
View 4 Replies
View Related
Jul 19, 2012
I created a test table with 4 columns(id, first_name,last_name, salary-number ) and then alter table to encrypted salary column . everything is OK.
I insert values into test table. However, I still can see salary value by select SQL.
What is wrong?
my db is oracle 11.2.01 in 2008 SP window
newdba
View 7 Replies
View Related
Jan 10, 2011
I would like to encode values in a column using SHA-2 (256 bit encryption). Does 10g support SHA-2 and if so how can i implement this?
View 2 Replies
View Related
Sep 10, 2013
I want to understand the restrictions that apply to VPD functions when used for column masking, compared with their use for Row-Level Security. According to the Oracle Database Security Guide (11g Release 1) Column-masking conditions generated by the policy function must be simple Boolean expressions, unlike regular Oracle Virtual Private Database predicates.
I have long understood the above as implying that column-masking conditions should not contain sub-queries (i.e. inner selects). However, we tested using a condition with a select inside another select (2-level nesting) and yet it worked. We were on 11g Release 2, by the way. So, I wonder about using sub-queries in column-masking conditions? Or, alternatively, what Oracle means with "regular VPD predicates" and "simple Boolean expressions" (of course, in the context of VPD)?
View 2 Replies
View Related
Apr 24, 2013
i have IR report page and download column as blob,how can security applied in specific column wise?e.g. Report page have more rows, and applied query in condition.
Select ID,dbms_lob.getlength(Blob_file) Download from Document_master
where Created_by=UPPER(:APP_USER)
OR
(exists (select '' from apex_workspace_group_users awgu
where awgu.user_name =:app_user AND awgu.GROUP_NAME='EMPLOYEE_GROUP'
)
)
Now all the rows with Download column to see EMPLOYEE_GROUP users,but i need control the download column only except Created_by=UPPER(:APP_USER) ,this case how can do the security.
View 5 Replies
View Related
Aug 17, 2011
I have an existing Procedure that uses a ref cursor as a parameter. The procedure currently simply selects data into the ref cursor using an OPEN FOR and then exits.
I have a need to extend the processing of the procedure. This will mean retrieving extra columns in the select and also removing some of the retrieved records.
I have the constraint that the definition of the REF CURSOR (which is based on a record type as follows) cannot be modified.
TYPE t_charge
IS
RECORD (
id number,
date_from invoice_detail.from_date%TYPE,
date_to invoice_detail.to_date%TYPE,
description invoice_detail.desc_text%TYPE,
amount invoice_detail.amount%TYPE
);
TYPE t_charge_cursor IS REF CURSOR RETURN t_charge;
The procedure does this
PROCEDURE get_bill_lines (
p_bill_id IN NUMBER,
bill_lines_list OUT t_charge_cursor )
IS
OPEN bill_lines_list FOR
SELECT id, from_date, to_date, desc_text, amount
from invoice_table
where id = p_bill_id;
I am thinking instead of selecting directly into the bill_lines_list parameter I will use a local REF CURSOR to select into a COLLECTION. I can then do some work on the collection, similar to below:
PROCEDURE get_bill_lines (
p_bill_id IN NUMBER,
bill_lines_list OUT t_charge_cursor )
TYPE t_local_charge
IS
RECORD (
[code].....
This all works fine, but the question is, how do I then put the collection into the bill_lines_list REF CURSOR where the '*** HERE ***' comment is so I can send the existing REF CURSOR structure back? (Remember I cannot change any definition that is referenced externally)
View 4 Replies
View Related
Oct 22, 2008
I am using Forms 6i.I have a Radio Group, where in I have specified Intial value for it. Previously it was populating properly, But when I have added some code to fix a bug. The radio group starts behaving strange. It doesnt show defaulted value.The code what i put is not even related to the radio group.
View 1 Replies
View Related
Jun 7, 2010
there are 3 radio buttons and 1 list item
i want different options to appear in the list item when choosing different radio buttons.
i've tried to compile the codes and there are no errors.
I dunno what went wrong.
B_DEV IS THE BLOCKNAME
LIST_ITEM IS THE NAME OF THE LIST ITEM
SEVEN_ELEVEN, MANNINGS, GNC ARE THE RADIO BUTTONS NAMES
FOR_BANNERS IS THE RADIO GROUP NAME
the following is my
DECLARE
[Code]....
View 2 Replies
View Related
Mar 26, 2010
I want to populate a combo box using values from a table, I know you can manually enter values in the combo box's property palette using the 'Elements in List' option, but this combo box will have changing values and I would prefer it to come from a table rather than manual entry so that when users add a new staff name to the table it will automatically be in the combo box.
I would need to use a trigger on this combo box, but which is the best to use and im guessing the SQL needed is more than just 'select * from staffname'?
View 6 Replies
View Related
May 20, 2010
I created one list item.which is populating values from list item query dynamically.If i select a particular value from list it will create new record.for the new record line i want to display list item as 'complete' (i.e not exists in the list).At this time i don't want the list also.How can i assign value to the list item in this scenario?
View 9 Replies
View Related
Jul 15, 2005
I have created a item, CO_NAME as List Item and list style is Poplist.
I have written following code in when-new-form-instance to populate the data from table to item.
DECLARE
rg_name VARCHAR2(40) := 'COMPANY';
rg_id RecordGroup;
[Code].....
But when I run the form, Oracle Error - FRM-41337:Cannot populate the list from record group.
View 2 Replies
View Related
Feb 8, 2011
I have 2 non data base blocks, these 2 blocks act like master details but there is no relation. In header block i have 2 fields called "Product name" and "Product Type"
in detail block having 2 tab pages one having multi record(20 item number and name displayed on it) another one having single record but it has around 20 image items displayed on it.
My requirement is once i enter the product name and then if i press either "key tab" or "Key Enter" or "Mouse Move" from product name field
into product type field then detail record should be populated automatically without using go_block and go_item.
View 4 Replies
View Related
Jul 7, 2011
I want to search values with F11.for example i will enter some value and i will press F11.it should be display that record. That block is populating values from code.
View 6 Replies
View Related
Aug 19, 2010
I have a form in which the fields are calculated fields. So i need to populate the form after calculating the values based on a database columns. For example if i have a table as below
COL A | Col B | Col C | Col D
2 3 4 5
3 4 5 6
I have 3 fields on my form which i need to populate such that field1 maps to col A. Field2 value is COL B * COL D for that value of COL A. Field 3 value is COLB * COL D for that value of col A.
I tried something like this
PROCEDURE NAME IS
cursor c1 is SELECT * FROM TABLEL;
begin
go_block('Block1');
clear_block(no_validate);
for i in c1 loop
:BLOCK.field1 := i.COL_A;
[code].......
this fetched all the records for field1 but for field2 and field3 it only calculates and populates the field row.
View 1 Replies
View Related
Dec 1, 2010
I have the scenario where I have a table(table 1) which stores the car code and the meaning of that code. I then have another table (table 2)which just stores the code. My datablock is based on the table which just contains the code(table 2). On my form if the user wishes to populate this field in the record I have a Lov which goes to the table 1 and retrieves the code and the meaning of it.
The code is then returned to the corresponding field in the datablock for table 2. this works fine in adding and editing. the user sees the meaning and whilst selecting from the lov populates the code field behind the scenes and everything works fine. However, my problem is when the user does a query only the code field is populated from table 2 (the code field is hidden to the user) therefore the meaning field is left blank as if there is no data there when in fact this is not the case.
View 2 Replies
View Related
Jul 31, 2010
In one of our cluster environment host 1 has 30+ targets. We are trying to add the targets in the grid. But while doing Agent Synchronization targets are not getting populated in the host..
Checked the log file of the same. Getting error as below..Not sure how to fix this.
2010-07-30 22:15:42,777 Thread-4158 ORAXML-229, File=file:/oracle/product/em/agent10g/magerdbspr08.corp.internal.com/sysman/emd/collection/rac_database_db303pta.xml, Line=0, Msg=LPX-00229: input source is empty (01006)
2010-07-30 22:15:46,534 Thread-4675 target {dbb01pta, rac_database} is broken: Computation of a critical dynamic property failed. Retries Completed (00156)
2010-07-30 22:15:46,580 Thread-4675 ORAXML-229, File=file:/oracle/product/em/agent10g/magerdbspr08.corp.internal.com/sysman/emd/collection/oracle_database_d01pt1_d01pt.xml, Line=0, Msg=LPX-00229: input source is empty (01006)
2010-07-30 22:15:46,581 Thread-4675 ORAXML-229, File=file:/oracle/product/em/agent10g/magerdbspr08.corp.internal.com/sysman/emd/collection/rac_database_dpta.xml, Line=0, Msg=LPX-00229: input source is empty (01006)
2010-07-30 22:15:47,603 Thread-4166 target {tta, rac_database} is broken: Computation of a critical dynamic property failed. Retries Completed (00156)
2010-07-30 22:15:47,648 Thread-4166 ORAXML-229, File=file:/oracle/product/em/agent10g/magerdbspr08.corp.internal.com/sysman/emd/collection/oracle_database_dta_d22.xml, Line=0, Msg=LPX-00229: input source is empty (01006)
View 1 Replies
View Related
Jul 13, 2011
I am having a problem with auto populating different fields based on inventory no. field.. This is a bug giving to me to work on and i not able to figure out how to populate the other fields.
How to set any triggers for the items to auto populate and i am suppose to finish this work today.
View 2 Replies
View Related
Dec 26, 2012
Any documentation supporting Oracle 11G and Advanced Security stating encryption at rest is FIPS 140-2 compliant?
View 3 Replies
View Related
Nov 16, 2010
Lost Windows password? Forgot Windows password? Your PC was hacked? Therefore, it is a basic step for every Windows users to enhance the security of Windows password. In the networks, it is found that a number of user's passwords are easy to guess. Only the smallest groups are the most security conscious and select passwords that are mixed lowercase and uppercase letters, numbers and punctuation to create cryptic passwords. Adopting strong password is one of the most effective ways to ensure system security. Here are several methods for you to enhance the security of your passwords in Windows 7/2000/XP/Vista and so on. You'd better remember the methods below unless you want to reset Windows password from time to time.
1. Is random password a great password?
A common myth is that totally random passwords like Ht3&e#L%5d@$B are the best passwords. This is not true. While they may be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are strong but much easier to remember by using a few simple techniques. For example, consider the password "Luck-73@Better?". This password utilizes uppercase and lowercase letters, two numbers, and three symbols. The password is 15 characters long and can be memorized with very little effort. Moreover, this password can be typed very fast. The portion"Luck" and "Better" alternate between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you.
2. Create the long Windows password
Although a password may eventually be discovered through some means, it is possible to create a password that cannot be cracked in any reasonable time. If a password is long enough, it will take so long or require so much processing power to crack it. That is essentially the same as being unbreakable (at least for most hackers).
3. Create the Windows password constantly?
This may be good advice for some high-risk passwords, but it is not the best policy for every user. It is frustrating for a user to have to constantly think of and remember new passwords every 30 days. It may be better to focus on stronger passwords and better user awareness rather than limiting password age. A more realistic time for the common user may be 90-120 days.
4. Write down Windows password in a proper place
Sometimes it is necessary for some users losing and forgetting complex passwords easily to write down them somewhere proper. However, it is important to educate users on how to write down passwords properly. Obviously, a sticky note on the monitor is not a good idea, but storing passwords in a safe or even a locked cabinet may be sufficient.
5. 14 characters is the optimal password length
Each character that you add to your password increases the protection. Your passwords should be 8 or more characters in length; 14 characters or longer is the Optimal Password Length. Many systems also support use of the space bar in passwords, so you can create a phrase made of many words. It is not easier to forget and lose, as well as longer than a simple password, and harder to guess.
6. Try not to use the same Windows password for all accounts
Some users always make the same passwords for every account to make it easy to remember. In that case, when any one of them lost, your other information protected by that password will be in danger as well. It is serious to use different passwords for different systems and accounts.
7. Do not use some common words that other users maybe guess
Most of users prefer to use some common words to remember easily, for example, login name, birth date, driver's license, passport number, pets' name and other words contained their personal information someone knows. In that case, your Windows system will not be safe anymore. Moreover, do remember not to use some words spelled backwards, abbreviations, sequences or repeated characters and adjacent letters, such as, asdfgh, 123456, 888888, abcdef and so on.
You can smoothly use your Windows now because the strong and powerful Windows password is created successfully, Certainly, I believe that many users lost Windows password and forgot Windows password, then you need have to reset Windows password or recover Windows password. It is a big problem for plenty of Windows users that how to reset Windows password. how to recover Windows password and they are puzzled by resetting windows password, for instance, reset Windows 7 password, recover password Windows XP, remove Windows Vista password and other operating systems after they create the password with complex letters, numbers and symbols. However, it is unnecessary to worry and it is said that things will eventually sort themselves out. There are many ways to reset forgotten Windows password, including use windows password reset disk and windows password reset software, like Super Windows Password Reset, a professional windows password reset software which could enable you to logon to Windows smoothly without reinstalling system.
View 1 Replies
View Related
Aug 18, 2010
In Sybase, my application was using system tables to perform application login security. Those tables obviously don't exist in Oracle. I am looking for ways to provide the following functionality in an Oracle world:
1. How to determine 'x' days of inactivity based on "last login date"?
2. How to determine when a new user logs in for the first time and force them to change their password?
3. If we need to reset a users password, how can we require the user to change their password?
4. Is there any other option other than storing a user-id/password in the application code for locking a user's account if their account needs to be locked due to inactivity?
5. In the USER_USERS view there is a status column. What the different status's can be?
View 3 Replies
View Related
May 21, 2012
ora-00000 normal successful completion error while populating data from Master block to Detail block in Oracle Forms 11g.
View 6 Replies
View Related
Jul 27, 2010
Provide me the script which would track all the users security violations like ... say for example i want to find which users logged in and what he did in database prospective.
View 1 Replies
View Related
