Database Reference
In-Depth Information
Listing 11-47.
Edit TNSNAMES.ora File
edit %ORACLE_HOME%\NETWORK\ADMIN\tnsnames.ora
ORCL =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = orcl)
)
)
APVER =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = apver)
)
)
Permit appsec to Create a Database Link
As
SYS
user grant the privilege for
appsec
user to create a personal database link in the
appsec
schema.
Unlike most other create statements, this is one that cannot be done in a different schema; we need to
be
appsec
user to create a personal database link in the
appsec
schema. As
SYS
, execute the commands in
Listing 11-48 to create a limited
appsec_role
for this grant.
Listing 11-48.
Grant Create Link Privilege to appsec
-- Must grant to user, not role since roles not exist without session
-- This is used in MASK/UNMASK - not needed on apver instance
GRANT EXECUTE ON sys.dbms_crypto TO appsec;
CREATE ROLE appsec_role NOT IDENTIFIED;
-- Give Application Security privilege to create Database Link
GRANT CREATE DATABASE LINK TO appsec_role;
GRANT appsec_role TO appsec;
-- Make the APPSEC_ROLE a non-default role for the APPSEC user
ALTER USER appsec DEFAULT ROLE ALL EXCEPT appsec_role;
Create the Personal Database Link as APPSEC
We made the
appsec_role
a non-default role, so now we need to log in as
appsec
and set our role to
appsec_role
.
SET ROLE appsec_role;