Oracle DBMS_MACSEC_ROLES
Version 18.3.0.1

General Information
Library Note Morgan's Library Page Header
Coming to OpenWorld 2018? Be sure to visit the TidalScale booth in Moscone South and learn how to solve performance problems and lower costs with Software Defined Servers. Before you visit the booth, or if you can't make it this year, check out TidalScale at www.tidalscale.com. Be sure to click on the Solutions link and look through the Oracle resources.
Purpose Used to check the authorization for a user or to set an Oracle Database Vault secure application role. The DVSYS.DBMS_MACSEC_ROLES package is available to all users which is a gross violation of good security practices. The Library recommends revoking the GRANT to PUBLIC and only granting execute on this package to a very limited number of authorized and audited users.
AUTHID CURRENT_USER
Dependencies
DBMS_ASSERT DBMS_STANDARD IS_SECURE_APPLICATION_ROLE
DBMS_MACUTL DBMS_UTILITY ROLE_IS_ENABLED
DBMS_SESSION    
Documented Yes
First Available Not Known
Security Model Owned by DVSYS with EXECUTE granted to PUBLIC
Source {ORACLE_HOME}/rdbms/admin/catmacp.sql
Subprograms
 
CAN_SET_ROLE
Checks whether the user invoking the method is authorized to use the specified DV Secure Application Role. The authorization is determined by checking the Rule Set associated with the role. dbms_macsec_roles.can_set_role(p_role IN VARCHAR2)
RETURN BOOLEAN ;
BEGIN
  IF dbms_macsec_roles.can_set_role('UW_APP_MGR') THEN
       dbms_macsec_roles.set_role('UW_APP_MGR');
  ELSE
    RAISE_APPLICATION_ERROR(-20001, 'UW_APP_MGR Role Cannot Be Set');
  END IF;
END;
/
 
SET_ROLE
Issues the SET ROLE command for a DV Secure Application Role dbms_macsec_roles.set_role(p_role IN VARCHAR2);
PRAGMA SUPPLEMENTAL_LOG_DATA(set_role, NONE);
See CAN_SET_ROLE function above

Related Topics
Built-in Functions
Built-in Packages
DBMS_MACAUD
DBMS_MACOUT
DBMS_MACSEC_FUNCTION
DBMS_MACSEC_RULES
OLS_ENFORCEMENT
OLS$DATAPUMP
What's New In 12cR2
What's New In 18cR3

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2017 Daniel A. Morgan All Rights Reserved