Oracle® Database PL/SQL Packages and Types Reference 10g Release 2 (10.2) Part Number B14258-01 |
|
|
View PDF |
The DBMS_STREAMS_AUTH
package, one of a set of Streams packages, provides subprograms for granting privileges to Streams administrators and revoking privileges from Streams administrators.
See Also:
Oracle Streams Concepts and Administration for more information about this package and Streams administratorsThis chapter contains the following topic:
Table 107-1 DBMS_STREAMS_AUTH Package Subprograms
Subprogram | Description |
---|---|
GRANT_ADMIN_PRIVILEGE Procedure |
Either grants the privileges needed by a user to be a Streams administrator directly, or generates a script that can be used to grant these privileges |
GRANT_REMOTE_ADMIN_ACCESS Procedure |
Enables a remote Streams administrator to perform administrative actions at the local database by connecting to the grantee using a database link |
REVOKE_ADMIN_PRIVILEGE Procedure |
Either revokes Streams administrator privileges from a user directly, or generates a script that can be used to revoke these privileges |
REVOKE_REMOTE_ADMIN_ACCESS Procedure |
Disables a remote Streams administrator from performing administrative actions by connecting to the grantee using a database link |
Note:
All subprograms commit unless specified otherwise.This procedure either grants the privileges needed by a user to be a Streams administrator directly, or generates a script that can be used to grant these privileges.
Syntax
DBMS_STREAMS_AUTH.GRANT_ADMIN_PRIVILEGE( grantee IN VARCHAR2, grant_privileges IN BOOLEAN DEFAULT TRUE, file_name IN VARCHAR2 DEFAULT NULL, directory_name IN VARCHAR2 DEFAULT NULL);
Parameters
Table 107-2 GRANT_ADMIN_PRIVILEGE Procedure Parameters
Parameter | Description |
---|---|
grantee |
The user to whom privileges are granted |
grant_privileges |
If TRUE , then the procedure grants the privileges to the specified grantee directly, and adds the grantee to the DBA_STREAMS_ADMINISTRATOR data dictionary view with YES for both the LOCAL_PRIVILEGES column and the ACCESS_FROM_REMOTE column. If the user already has an entry in this data dictionary view, then the procedure does not make another entry, and no error is raised. If TRUE and any of the grant statements fail, then the procedure raises an error.
If You specify |
file_name |
The name of the file generated by the procedure. The file contains all of the statements that grant the privileges. If a file with the specified file name exists in the specified directory name, then the grant statements are appended to the existing file.
If |
directory_name |
The directory into which the generated file is placed. The specified directory must be a directory object created using the SQL statement CREATE DIRECTORY . If you specify a directory, then the user who invokes the procedure must have WRITE privilege on the directory object.
If If |
Usage Notes
The user who runs the procedure must be an administrative user who can grant privileges to other users.
Specifically, the procedure grants the following privileges to the specified user:
The RESTRICTED
SESSION
system privilege
EXECUTE
on the following packages:
DBMS_APPLY_ADM
DBMS_AQ
DBMS_AQADM
DBMS_AQIN
DBMS_AQELM
DBMS_CAPTURE_ADM
DBMS_FLASHBACK
DBMS_PROPAGATION_ADM
DBMS_RULE_ADM
DBMS_STREAMS_ADM
DBMS_STREAMS_MESSAGING
DBMS_TRANSFORM
Privileges to enqueue messages into and dequeue messages from any queue
Privileges to manage any queue
Privileges to create, alter, and execute any of the following types of objects in the user's own schema and in other schemas:
Evaluation contexts
Rule sets
Rules
In addition, the grantee has the ability to grant these privileges to other users.
SELECT
privilege on data dictionary views related to Streams
The ability to allow a remote Streams administrator to perform administrative actions through a database link by connecting to the grantee. This ability is enabled by running the GRANT_REMOTE_ADMIN_ACCESS
procedure in this package.
Note:
To view all of the statements run by the procedure in detail, you can use the procedure to generate a script and then view the script in a text editor.
This procedure does not grant any roles to the grantee.
This procedure grants only the privileges necessary to configure and administer a Streams environment. You can grant more privileges to the grantee if necessary.
See Also:
Oracle Streams Concepts and Administration for more information about configuring a Streams administrator
This procedure enables a remote Streams administrator to perform administrative actions at the local database by connecting to the grantee using a database link.
Syntax
DBMS_STREAMS_AUTH.GRANT_REMOTE_ADMIN_ACCESS( grantee IN VARCHAR2);
Parameters
Table 107-3 GRANT_REMOTE_ADMIN_ACCESS Procedure Parameter
Parameter | Description |
---|---|
grantee |
The user who allows remote access. The procedure adds the grantee to the DBA_STREAMS_ADMINISTRATOR data dictionary view with YES for the ACCESS_FROM_REMOTE column. If the user already has an entry in this data dictionary view, then the procedure does not make another entry. Instead, it updates the ACCESS_FROM_REMOTE column to YES . |
Usage Notes
Typically, you run the procedure and specify a grantee at a local source database if a downstream capture process captures changes originating at the local source database. The Streams administrator at a downstream capture database administers the source database using this connection. You can also run the procedure at a database running an apply process so that a remote Streams administrator can set instantiation SCNs at the local database.
Note:
TheGRANT_ADMIN_PRIVILEGE
procedure runs this procedure.See Also:
"GRANT_ADMIN_PRIVILEGE Procedure"This procedure either revokes Streams administrator privileges from a user directly, or generates a script that can be used to revoke these privileges.
Syntax
DBMS_STREAMS_AUTH.REVOKE_ADMIN_PRIVILEGE( grantee IN VARCHAR2, revoke_privileges IN BOOLEAN DEFAULT TRUE, file_name IN VARCHAR2 DEFAULT NULL, directory_name IN VARCHAR2 DEFAULT NULL);
Parameters
Table 107-4 REVOKE_ADMIN_PRIVILEGE Procedure Parameters
Parameter | Description |
---|---|
grantee |
The user from whom privileges are revoked |
revoke_privileges |
If TRUE , then the procedure revokes the privileges from the specified user directly, and removes the user from the DBA_STREAMS_ADMINISTRATOR data dictionary view. If the user does not have a record in this data dictionary view, then the procedure does not remove a record from the view, and no error is raised. If TRUE and any of the revoke statements fail, then the procedure raises an error. A revoke statement will fail if the user is not granted the privilege that is being revoked.
If You specify |
file_name |
The name of the file generated by this procedure. The file contains all of the statements that revoke the privileges. If a file with the specified file name exists in the specified directory name, then the revoke statements are appended to the existing file.
If |
directory_name |
The directory into which the generated file is placed. The specified directory must be a directory object created using the SQL statement CREATE DIRECTORY . If you specify a directory, then the user who invokes the procedure must have WRITE privilege on the directory object.
If the If |
Usage Notes
The user who runs this procedure must be an administrative user who can revoke privileges from other users. Specifically, this procedure revokes the privileges granted by running the GRANT_ADMIN_PRIVILEGE
procedure in this package.
Note:
To view all of the statements run by this procedure in detail, you can use the procedure to generate a script and then view the script in a text editor.See Also:
"GRANT_ADMIN_PRIVILEGE Procedure"This procedure disables a remote Streams administrator from performing administrative actions by connecting to the grantee using a database link.
Note:
TheREVOKE_ADMIN_PRIVILEGE
procedure runs this procedure.See Also:
"REVOKE_ADMIN_PRIVILEGE Procedure"Syntax
DBMS_STREAMS_AUTH.REVOKE_REMOTE_ADMIN_ACCESS( grantee IN VARCHAR2);
Parameters
Table 107-5 REVOKE_REMOTE_ADMIN_ACCESS Procedure Parameter
Parameter | Description |
---|---|
grantee |
The user for whom access from a remote Streams administrator is disabled.
If a row for the grantee exists in the If no row for the grantee exists in the |