11g utl_smtp Security

I have an application which supports 'phoning home' that, up until 11g was relatively easy to implement. Now I'm attempting to port it so that it will work with 11g but unfortunately, this doesn't seem to be all that easy.
If I run this code as a scripted anonymous PL/SQL block it works:
dbms_network_acl_admin.add_privilege (
acl           => 'utlpkg.xml',
principal      => 'USERNAME',
is_grant      => TRUE,
privilege      => 'connect',
start_date      => null,
end_date      => null);
(Obviously, I've already created the acl in question). Unfortunately, if I attempt to run this from my administration application, or even try to put it in a stored procedure where I can just call it from my stored procedure, it does not work. I can't get it to compile in a stored procedure, and just running the SQL from my application raises no exceptions, but has no effect either. It appears that it must be commited in order for it to work, is this true? (In other words, unlike other Oracle security-related operations, this is not considered DDL?) Forcing a commit from my application has no effect, it still doesn't work.
I'd like to incorporate this level of security into my application as opposed to having to run it externally from a script in order for it to function. Clearly I'm missing something here, but my results seem arbitrarily inconsistent. This may be in part because of the general suckiness of Vista on which I'm running 11g, or perhaps a problem with 11g itself, or, most likely, my own inability to code it correctly. I would appreciate any pointers to existing code that I might incorporate.
Thanks!
<RANT> I have NO IDEA why Oracle would chose to implement security based on xml when there is an existing structure that's been in the database for as long as I've work with it (grant priv to user). This seems to me to be an abuse of what xml should be used for, and I can only hope this over-exuberant use of xml can be rectified in a future release </RANT>

Hi,
You have to many explanation here www.ietf.org/rfc/rfc0821.txt
and here
www.ietf.org/rfc/rfc0822.txt
Nicolas.

Similar Messages

  • Not able to logging in DAC 11g, throws "Security Key is invalid or unavailable"

    Hi Friends,
    I installed DAC 11g in Linux (Installed in Windows and moved it to Linux and configured). It was working fine and sometimes it throws "Security Key is invalid or unavailable".
    I updated the DAC Repository schema details using standaloneServerSetupPrompt.bat file. Also getting the same issue.
    Appreciate your help on this.
    Thanks,
    Sakthi.S

    you need to contact your BASIS admin and tell them to check if BM7CLNT100 is available for access and that credentials you are using are authorized to access it.
    I'm assuming you're using SAP Authentication to login. If you login using Enterprise - you should be able to login into Infoview or CMC as BW changes will not affect that.

  • 11g Agents: security

    Hello all,
    I'm trying to get the agents to work. As Administrator, everything works fine, but logged in as a (normal) LDAP user with external authentication, I get errors with failing initialization blocks.
    My work around was: run agents as Administrator but it seems only Administrators are able to change the 'Run As' property of the agent to a certain user name...
    Does anyone know which security setting I need to change, or another way to get this thing working?

    Hello all,
    I'm trying to get the agents to work. As Administrator, everything works fine, but logged in as a (normal) LDAP user with external authentication, I get errors with failing initialization blocks.
    My work around was: run agents as Administrator but it seems only Administrators are able to change the 'Run As' property of the agent to a certain user name...
    Does anyone know which security setting I need to change, or another way to get this thing working?

  • Site Studio 11g: Different security access for each user

    Hi,
    I want to limit access for some contributors and grant full access to others.
    I set up different users on the content server, assign a different contributor data file to each region, and assign unique security metadata to those files.
    As result it still display the graphic icon for those data file with only read access. The contributor is not able to edit the data file but still capable to switch or remove the data file.
    +According to the documentation only the files that a particular contributor has permission to edit will display the contribution graphic icon on the web page when in contribution mode.+
    I need that the contributor should not be able to switch the data file or remove it if he doesn't have edit access to those data files.
    I've applied the metadata security to the placeholder definition unsuccessfully.
    I am using Account Security model.
    Thanks
    al
    Edited by: user8859325 on 20-Jun-2011 08:21

    Hi,
    I want to limit access for some contributors and grant full access to others.
    I set up different users on the content server, assign a different contributor data file to each region, and assign unique security metadata to those files.
    As result it still display the graphic icon for those data file with only read access. The contributor is not able to edit the data file but still capable to switch or remove the data file.
    +According to the documentation only the files that a particular contributor has permission to edit will display the contribution graphic icon on the web page when in contribution mode.+
    I need that the contributor should not be able to switch the data file or remove it if he doesn't have edit access to those data files.
    I've applied the metadata security to the placeholder definition unsuccessfully.
    I am using Account Security model.
    Thanks
    al
    Edited by: user8859325 on 20-Jun-2011 08:21

  • OBIEE 11G catalog security issue

    I have the following (simplified) requirement:
    - People with application role FIN should have access to analysis XYZ
    - People with application role HR should have access to analysis ABC
    - People with both application roles should have access to XYZ and ABC
    The above seems pretty obvious and per http://docs.oracle.com/cd/E29505_01/bi.1111/e10543/mgrgrpsusers.htm#autoId16 this should work without further ado, since the least restrictive access should be granted when roles with different permissions (FIN has nog permissions on ABC and HR no permissions on XYZ) are granted, however...
    We find that if role HR is not explicitly excluded from access to XYZ then it will always have access to XYZ. The same goed for FIN and ABC. But then when both roles are granted (with these explicit exclusions), user has access to neither XYZ or ABC. This actually makes sense, since explicit exclusions take precedence, but then how do I achieve my goal as stated above?
    The same logic applies to subject areas. If not explicitly excluded for either of the two roles, access is always granted. But if explicitly excluded, granting both roles excludes both subject areas.
    I have already checked inherited roles. The FIN and HR roles are based on standard BI Consumer roles, so they are both members of Authenticated User and BI Consumer. But even taking these into account, the same problem persists. Pretty sure I am overlooking something small and simple.

    Hi there. Does anybody noticed this issue on calendars?! That only occurs when the month is october....
    Just updating, the correct version of OBIEE is 11.1.1.5.0.
    Thanks in advance.
    Marcos

  • Security in 11g

    Hi Team,
    Can someone post me some material on applying security to a application in 11g (Ex:based on some logged in User).
    Thanks,
    User

    User,
    did you search this forum?
    A simple search for security gives plenty of useful results.
    Look at this Re: JDev 11g ADF Security app on standalone WLS against Active Directory and there are a couple of articles in the [code corner|http://www.oracle.com/technology/products/jdev/tips/fnimphius/index.html]
    Even the Help give some links.
    Timo

  • Security Deprecated from WL 8.1 to 11g

    Hello,
    I am upgrading from weblogic 8.1 to 11g, the security model we used in 8.1(DefaultAuthenticatorMBean) has been deprecated in 11g . I have done a lot of reading on JMX, yet still haven't been able to successfully re-write our security. We have two bits of code that interact with the weblogic container, one class loads all of our users from the database, loads all of the groups from the database and also links the users with their associated groups. The second is handling all of the user management, ie validating a user against the container, updating the users password, deleting a user etc.
    Does anyone have any working code that does something similar I can take a look at?
    Thank you in advance.
    Keith

    Since the users/groups are in the database, consider using SQLAuthenticator. See http://download.oracle.com/docs/cd/E12840_01/wls/docs103/secmanage/rdbms.html
    If user management capability in WLS is a must have (CRUD on users/groups), then very likely there is a need for a custom Authentication provider. See http://download.oracle.com/docs/cd/E12839_01/web.1111/e13718/atn.htm#i1154044

  • OBIEE 11g RPD password reset and Hierarchy implementation

    HI All,
    How to get the forgot password in OBIEE 11g. Please refer the below link you will get one good Suitable  solution.
    http://satyaobieesolutions.blogspot.com/2013/06/how-to-reset-forgotten-obiee-11g-rpd.html
    How to reset the forgot password in OBIEE 10g. Please refer the below link.
    ttp://satyaobieesolutions.blogspot.com/2013/06/how-to-reset-forgotten-obiee-10g-rpd.html
    How to create Time Hierarchy in OBIEE 11g:
    http://satyaobieesolutions.blogspot.com/2013/06/dimension-hierarchy-111170.html
    Hope this help's
    Thanks,
    Satya Ranki Reddy

    looks like there is a way to recover the lost passwords for RPD's using listcred() method of wlst
    look at the following doc http://www.rittmanmead.com/2011/04/oracle-bi-ee-11g-migrating-security-credential-store-part-3/
    Listing the Credential in Dev Environment:
    All the Credential Keys are generally stored in an encrypted format (the passwords). So, to migrate we will need to first extract these passwords and then do the migration to Production. The passwords can be extracted through the listCred() method of WLST. We need to be connected to the Admin Server for this method to work. The exact command is given below
    connect(“weblogic”,”welcome1″,”localhost:7001″)
    listCred(“DevMap”,”DevKey”)
    This will show the encrypted password entered inside the key as shown below
    And this is what we see in the enterprise manager.
    As you see, with listCred we are able to extract the full credentials. Now, lets try to see what is the default password for the BISystemUser.
    listCred(“oracle.bi.system”,”system.user”)
    In the same way lets extract the passwords of the SampleAppLite repository.
    listCred(“oracle.bi.enterprise”,”repository.SampleAppLite”)
    With this we can even extract the lost Repository passwords."
    i am going to try it out now

  • OWSM POlicy -11g

    Hi All,
    We are working on attaching OWSM policies of SOA suite 11g to secure the composites.
    Attached 'oracle/wss10_saml_token_service_policy' to the composite keeping configurations as default in saml login module.
    When we are trying to test this composite with the below payload
    <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="Id-00000127b711fabc-0000000001bda657-2" IssueInstant="2010-04-01T01:52:41Z" Issuer="www.oracle.com" MajorVersion="1" MinorVersion="1"> <saml:Conditions NotBefore="2010-04-01T01:52:41Z" NotOnOrAfter="2010-04-06T01:52:41Z"/> <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified" AuthenticationInstant="2010-04-01T01:52:41Z"> <saml:Subject> <saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">orcladmin</saml:NameIdentifier> <saml:SubjectConfirmation> <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> </saml:SubjectConfirmation> </saml:Subject> </saml:AuthenticationStatement> <saml:AttributeStatement> <saml:Attribute Name="username" NameFormat="www.oracle.com"> <saml:AttributeValue>weblogic</saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="password" NameFormat="www.oracle.com"> <saml:AttributeValue>Password1</saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement> </saml:Assertion> </wsse:Security> </soap:Header> <soap:Body> <cli:process xmlns:cli="http://xmlns.oracle.com/UserProvisioning_jws/Project1/BPELProcess1"> <!--Element must appear exactly once --><cli:input>abc</cli:input> </cli:process> </soap:Body> </soap:Envelope>
    it is throwing an error
    OWSM Policy Fault : FailedAuthentication : The security token cannot be authenticated.
    Do we need to make any changes in the input payload or configuration files.
    Any pointers on the same will be more helpfull.
    Thanks,
    Sowmya

    Ok got it! Just followed the oracle documentation and copied it in below path and Jdev 11.1.1.4 picked it up!
    C:\Users\Amit\AppData\Roaming\JDeveloper\system11.1.1.4.37.59.23\DefaultDomain\oracle\store\gmds\owsm\policies (not copying it within oracle folder within policies as its a custom policy)
    Strange, I have Jdev 11.1.1.3 in office and it doesnt pick up the policy but Jdev 11.1.1.4 (at home) picks it up without a problem.
    is this a bug in Jdev 11.1.1.3 or my jdev in offic is corrupt?

  • Oracle secure files

    Does anyone know if there is documentation from Oracle on how to setup the 11g db secure files database and store files per the 11g secure files method in UCM 10gR3. There is documentation for the filestore provider and to get the database storing content but it does not store things per the 11g secure files way.
    Edited by: DanKoz on Nov 11, 2009 7:13 AM

    ad #1 - yes, but it is not a specific feature of FSP - UCM just has table which has a column of BLOB type (?) and SecureFiles will take care of it
    ad #2 - for 50000 docs you won't see much difference in performance. However, check this post: Database base storage stress test especially the last comment

  • Security and privileges loading

    We need some easy way to upload the security and privileges in the EUL...
    We need to modify the privileges of about 60k users and hundreds of responsibilities...
    Is there a best practice some of you may suggest??

    see below
    Oracle BI EE 11g – Migrating Security – Identity Stores – Part 1 - http://www.rittmanmead.com/2011/04/oracle-bi-ee-11g-migrating-security-identity-stores-part-1/
    Oracle BI EE 11g – Migrating Security – Policy Store – Part 2 - http://www.rittmanmead.com/2011/04/oracle-bi-ee-11g-migrating-security-policy-store-part-2/
    Oracle BI EE 11g – Migrating Security – Credential Store – Part 3 - http://www.rittmanmead.com/2011/04/oracle-bi-ee-11g-migrating-security-credential-store-part-3/
    also this
    http://download.oracle.com/docs/cd/E21764_01/apirefs.1111/e13952/taskhelp/security/ExportDataFromSecurityRealms.html
    http://download.oracle.com/docs/cd/E21764_01/apirefs.1111/e13952/taskhelp/security/ImportDataIntoSecurityRealms.html
    mark if it helps

  • Forgot Obiee 11g Rpd Password

    Hi,
    I have forgotten Obiee11g rpd password,how can i bypass or reset password..
    Thanks,
    Kartheek.

    looks like there is a way to recover the lost passwords for RPD's using listcred() method of wlst
    look at the following doc http://www.rittmanmead.com/2011/04/oracle-bi-ee-11g-migrating-security-credential-store-part-3/
    Listing the Credential in Dev Environment:
    All the Credential Keys are generally stored in an encrypted format (the passwords). So, to migrate we will need to first extract these passwords and then do the migration to Production. The passwords can be extracted through the listCred() method of WLST. We need to be connected to the Admin Server for this method to work. The exact command is given below
    connect(“weblogic”,”welcome1″,”localhost:7001″)
    listCred(“DevMap”,”DevKey”)
    This will show the encrypted password entered inside the key as shown below
    And this is what we see in the enterprise manager.
    As you see, with listCred we are able to extract the full credentials. Now, lets try to see what is the default password for the BISystemUser.
    listCred(“oracle.bi.system”,”system.user”)
    In the same way lets extract the passwords of the SampleAppLite repository.
    listCred(“oracle.bi.enterprise”,”repository.SampleAppLite”)
    With this we can even extract the lost Repository passwords."
    i am going to try it out now

  • Migrate security of BIEE11G

    Hi,
    anyone know how to do migration of BIEE11G?
    mainly security migration ,including user ,group,role,policy.
    thank you!

    Refer below links.....very useful.
    http://www.rittmanmead.com/2011/04/oracle-bi-ee-11g-migrating-security-identity-stores-part-1/
    http://www.rittmanmead.com/2011/04/oracle-bi-ee-11g-migrating-security-policy-store-part-2/
    http://www.rittmanmead.com/2011/04/oracle-bi-ee-11g-migrating-security-credential-store-part-3/

  • Help configuring SSO/OID with WLS 11g

    Hello,
    We have recently upgraded to 11g from 10g. I have OID ans SSO installed but can't seem to things configured properly. I have been able to "register" OID as the secuity provider via the WLS Console for the tools.
    I have loaded the users via ldap add using an ldif from the old ldap server.
    What I can't seem to do is get the sso login.jsp to popup when I go to our webpages?
    I know it must be something in a configuration file but I can't seem to identify exactly what it is.
    I've looked at all sorts of docs but can't seem to find the right one.
    If anyone can point me to a doc that outlines how to config everything that would be great.
    Thanks.
    Steve.

    Hi,
    it works with this provider and we had this QA tested. I suggest you deploy the application to WLS and make it run with the embedded LDAP server similar to how it works with the integrated server. Once you have this working you configure the RDBMS provider to perform the authentication.
    Here's a blog entry that references all useful resources when configuring ADF Security
    http://one-size-doesnt-fit-all.blogspot.com/2009/01/configuring-jdev-11g-adf-security-app.html
    Frank

  • High level & low level Desing in OBIEE

    Hi Gurus/Experts,
    I am new to in OBIEE and please let me know about the High Level and Low level design of obiee projects.
    Really its helpful for me to develope my carrier skills.
    Thanks in advance,
    Sriram

    Hi,
    OBIEE 11g Basic Security Guide from Deliver BI
    http://www.box.net/shared/5ef1alb2sp
    http://www.rittmanmead.com/2008/04/migration-obiee-projects-between-dev-and-prod-environments/
    http://obiee101.blogspot.com/2009/07/obiee-how-to-get-started.html
    http://www.scribd.com/doc/60264784/OBIEE11g-Logical-Table-Souorce
    tutorial from the Oracle By Example range
    http://st-curriculum.oracle.com/obe/fmw/bi/bi1113/createanalysis/ps.htm
    also refer the blow one for installation and migration and essential ..basics..
    OBIEE10 repository and webcatlouge in obiee 11g
    http://www.rittmanmead.com/2010/08/oracle-bi-ee-11g-upgrading-from-bi-ee-10g-repository-web-catalog/
    new features OBIEE 11g is having
    http://obieeelegant.blogspot.com/2011/10/obiee11g-features.html
    There are the full new features about OBIEE 11g.
    Top5 New Features in Oracle Business Intelligence Security
    http://oracleintelligence.blogspot.com/2010/10/top5-new-features-in-oracle-business.html
    Top5 New Features for Oracle Business Intelligence System Administrators
    http://oracleintelligence.blogspot.com/2010/10/top5-new-features-for-oracle-business.html
    Top10 New Features for Oracle Business Intelligence Users
    http://oracleintelligence.blogspot.com/2010/10/top10-new-features-for-oracle-business.html
    List of Bug Fixes Included In OBIEE 11.1.1.5.0
    http://obieeelegant.blogspot.com/2011/11/list-of-bug-fixes-included-in-obiee.html
    OBIEE 11g (11.1.1.5.0) Software Only Installation on Windows Server 2008/2003/XP 64 bit SP1 &SP2
    http://obieeelegant.blogspot.com/2011/09/obiee-11g-111150-software-only.html
    Migrating Application Roles from Dev to UAT server and Production server.
    To move Application Roles, please kindly review the following information:
    Oracle Fusion Middleware Application Security Guide 11g Release 1 (11.1.1)
    7.3.2 Migrating Policies with the Command migrateSecurityStorehttp://download.oracle.com/docs/cd/E14571_01/core.1111/e10043/cfgauthr.htm#JISEC2929
    http://www.rittmanmead.com/2010/10/obiee-11gr1-security-explained-working-with-the-default-security-configuration/
    http://www.rittmanmead.com/2011/04/oracle-bi-ee-11g-migrating-security-credential-store-part-3/
    The same guide can be used...But some fetures are changed in it.Here is the RPD 11g step-by-step guide
    http://www.oracle.com/webfolder/technetwork/tutorials/obe/fmw/bi/bi11115/biadmin11g_02/biadmin11g.htm
    Refer:
    Re: OBIEE 11G Beginners guide
    Thanks
    Deva

Maybe you are looking for

  • Date not displaying correctly

    Hi, we have an issue where date is not displaying correctly in report. it shows 1/1/1990. even in universe it shows the same value 1/1/1990. but if i run query at DB level it shows the correct date. Reporting Database is Sybase. we are on Bi 4.0 SP 6

  • E65, a dimension font problem

    Hi, Yesterday i bought an E65 phone and i have a problem with reading e65 fonts because these are too much little for my eyes. how can i increase e65 fonts? bye..

  • Deleted applications folder in dock - how do I get it back??

    Hello The applications stack in my dock has disappeared, can you help me get it back? If i drag in an alias of the applications folder it opens in finder, but i want to have it like the default. thanks all

  • BI 11.1.1.5

    hello, i am ADF Developer. Heard Jdev 11.1.1.5 have v good integration with BI and new wizards. Is there a enough scope now for ADF developer be able to work on BI project with this new change ? OR is it just a small piece that got addressed. questio

  • Inspection lot measure unit

    Hello, I am straggling to find out where  from the maintenance inspection lot (source 14) takes the "measure unit" to the inspection lot quantities tab?. I find that "The system always selects the base unit of measure from the material master as the