Calling set_context() outside after logon trigger?

Similar Messages

• Insufficient privileges using execute immediate in after logon trigger

  I have an after logon trigger that executes a package/procedure in the schema it was created in.
  One of the procedures runs the following:
  EXECUTE IMMEDIATE 'AUDIT INSERT TABLE, UPDATE TABLE, DELETE TABLE, EXECUTE PROCEDURE BY ' || USER;
  The procedure is throwing an insufficient privileges error when executing this.
  However - the schema owner has audit any and audit system privileges and - the statement works fine independently.
  When I login as another user this issue arises. The package/procedure are created with definers rights... So - i'm not sure why this is happenening.
  Any help is appreciated.

  privileges acquired via ROLE do NOT apply within named PL/SQL procedures.
  SQL> SET ROLE NONE
  SQL> --issue AUDIT again now                                                                                                                                                                                                                                                               

• Closing DBA session in AFTER LOGON trigger

  Hello *,
  this is my first question here and my first piece of code in oracle so please don't laugh ;-)
  I'm trying to create an AFTER LOGON trigger which disconnects a user if he/she tries to log in from an incorrect host.
  What should happen?
  User tries to connect.
  If he/she is permitted, a record is added to a table.
  If not, a record is added to another table and the user is disconnected using RAISE_APPLICATION_ERROR().
  After a number of issues I've got it working, except ... I have the feeling that RAISE_APPLICATION_ERROR() doesn't effect users with DBA privileges.
  Finally, I'm testing it with one ordinary user - DEF.
  The main idea is to disallow connections from user ABC which has DBA privileges.
  Tests using DEF are successful but when ABC tries to log in from an incorrect host, a record is added in pcbaudit_failed_logins but the user is not disconnected.
  The database is 9.2.0.8.0 and I'm prepared to post RDA report if it is required.
  Thank you for your help in advance - I hope I was kind enough :P
  Here's the code for the trigger:
  DROP TABLE pcbaudit_users;
  CREATE TABLE pcbaudit_users (username VARCHAR2(32) NOT NULL, host VARCHAR2(64) NOT NULL);
  CREATE INDEX idx_pcbaudit_users_username ON pcbaudit_users(username);
  CREATE INDEX idx_pcbaudit_users_host ON pcbaudit_users(host);
  DROP TABLE pcbaudit_logins;
  CREATE TABLE pcbaudit_logins (username VARCHAR2(32), ip_address VARCHAR2(15), host VARCHAR2(64), ts DATE);
  DROP TABLE pcbaudit_failed_logins;
  CREATE TABLE pcbaudit_failed_logins (username VARCHAR2(32), ip_address VARCHAR2(15), host VARCHAR2(64), ts DATE);
  CREATE OR REPLACE PUBLIC SYNONYM pcbaudit_users FOR sys.pcbaudit_users;
  CREATE OR REPLACE PUBLIC SYNONYM pcbaudit_logins FOR sys.pcbaudit_logins;
  CREATE OR REPLACE PUBLIC SYNONYM pcbaudit_failed_logins FOR sys.pcbaudit_failed_logins;
  GRANT SELECT ON sys.pcbaudit_users TO public;
  GRANT INSERT ON sys.pcbaudit_logins TO public;
  GRANT INSERT ON sys.pcbaudit_failed_logins TO public;
  INSERT INTO pcbaudit_users VALUES ('SYS', '%');
  INSERT INTO pcbaudit_users VALUES ('SYSTEM', '%');
  INSERT INTO pcbaudit_users VALUES ('ABC', '%');
  INSERT INTO pcbaudit_users VALUES ('DEF', '%');
  COMMIT;
  CREATE OR REPLACE
  TRIGGER logon_pcbaudit_trigger AFTER LOGON ON DATABASE
  DECLARE
       v_username     VARCHAR2(32); /* variable that will hold current username */
       v_host          VARCHAR2(4000); /* variable that will hold current host */
       v_allowed     NUMBER(1) := 0;
       PRAGMA          AUTONOMOUS_TRANSACTION;
  BEGIN
       SELECT     UPPER(USER), /* current user */
            UPPER(SYS_CONTEXT('USERENV', 'HOST')) /* current user host */
       INTO     v_username,
            v_host
       FROM     dual;
       /* debug */
  --     DBMS_OUTPUT.PUT_LINE(v_username || '@' || v_host);
       SELECT     1
       INTO     v_allowed
       FROM     pcbaudit_users
       WHERE     UPPER(username) = v_username
  AND (
                 UPPER(REPLACE(v_host, CHR(0), '')) LIKE UPPER(host) ESCAPE '!' /* fuck that shit! Something appends CHR(0) to its host... */
                 OR
                 v_host IS NULL /* fuck that shit! Some hosts are NULLs! */
  /* write log (user has logged in!) */
  INSERT
  INTO pcbaudit_logins
  (username, ip_address, host, ts)
  VALUES
  (v_username, SYS_CONTEXT('USERENV', 'IP_ADDRESS'), v_host, SYSDATE);
  COMMIT;
  EXCEPTION
       WHEN     NO_DATA_FOUND     THEN /* occurs when no matches were found; i.e. current username is not permitted to login from the current host */
            /* log the failed attempt */
            INSERT
            INTO     pcbaudit_failed_logins
            (username, ip_address, host, ts)
            VALUES
            (v_username, SYS_CONTEXT('USERENV', 'IP_ADDRESS'), v_host, SYSDATE);
  COMMIT;
            /* disconnect user */
            RAISE_APPLICATION_ERROR(-20001, v_username || '@' || v_host || ' is not allowed to connect.');
       WHEN     OTHERS THEN
            NULL; /* in this case, NULL is better than an error - if an error occurs, user will not be able to login. */
  END;

  Thank you for your reply!
  The situation is quite complicated.
  I am aware that a user with DBA privileges can drop the trigger, modify it, etc.
  There's an application on top of it and (i don't know why) it requires dba privileges. The point is, there are developers with access to the production database and my task is to stop them from logging in with this username.
  Since I'm creating a trigger, I've obviously have no other choice. I can't change the user's password because of number of reasons, I can't deny developers' IP addresses using sqlnet.ora because they need read-only access and so on.
  I realize that this is not the way that things are being done (development cycle), but I have no other choice.
  So, is there any other way?

• Error In After Logon Trigger

  Hi,
      I am using Release 11.2.0.3.0 of oracle.
  I have created a trigger for restricting specific users(logging from specific program and having specific OSUSER) from loging into the database.
  I created below trigger in SYS schema.
  CREATE OR REPLACE TRIGGER t1
  AFTER
  LOGON
  ON DATABASE
  DECLARE
  trg_program varchar2(4000);
  trg_user varchar2(4000);
  trg_osuser varchar2(4000);
  v_killsession  VARCHAR2(4000);
  v_sid   VARCHAR2(4000);
  v_serial   VARCHAR2(4000);
  BEGIN
  SELECT UPPER (program), UPPER (USERNAME), UPPER (OSUSER),SID,serial#
    INTO trg_program, trg_user, trg_osuser,v_sid,v_serial
    FROM v$session
  WHERE audsid = SYS_CONTEXT ('USERENV', 'SESSIONID') AND ROWNUM = 1;
  IF  trg_program IN ('SQLPLUS.EXE','SQLPLUSW.EXE','TOAD.EXE')
      AND  trg_user in ('USER1','USER2')--,'SYS','SYSTEM')
      --AND trg_osuser  not in ('O12345')
  THEN
         raise_application_error(-20001,'You are not authorized to connect to this schema directly!!');
  END IF;   
  END;
  when i am logging into USER1 through sqlplus/toad it works fine, i am getting required message which is mentioned as 'raise application error'
  but when i am compiling the trigger by uncommenting extra condition for OSUSER i.e trg_osuser  not in ('O12345') in the trigger code, so that it wont affect the highly provileged user(i.e OSUSER O12345).During logging in to user USER1 i am getting below error
  ERROR:
  ORA-04045: errors during recompilation/revalidation of
  XIGNCMN.RESTRICT_UNAUTH_ACCESS
  ORA-01031: insufficient privileges
  it should alow me to login because i am OSUSER 'O12345', so why its not working?

  Thanks John.
  Actually currently we are having database server installed in each of the developers machine so having DBA privilege and having business data, thats why i am planning to configure common database to which all will connect and i wont allow them to connect to the database directly through the functional schema(2 schemas). Now i am planning to restrict the developers access to only 'SELECT+DMLS' for the functional schema and i will do that by creating another user through which they will get connected to the actual functional schema with restricted privilege.
  But here the issue is that, for JAVA application, they are having local source code in each of their machine and will also need the connection string/password for the functional schema, so they will know the password for the functional schema, but i want to restrict their access through all the program except 'Jdbc thin client' so i thought of above trigger.
  kindly suggest if any other way out?

• Trace users by after logon trigger

  Hi.
  I have to trace some users application to find the source of problems.
  Oracle8i Enterprise Edition Release 8.1.7.0.0
  connect system/manager@testdb
  create or replace trigger login_trigger
  after logon on database
  begin
  if (USER in ('BLAKE','SCOTT')) then
  execute immediate
  'ALTER SESSION SET EVENTS ''10046 TRACE NAME CONTEXT FOREVER, LEVEL 12''';
  end if;
  end;
  show error;
  SQL> connect scott/tiger@testdb
  ERROR:
  ORA-00604: error occurred at recursive SQL level 1
  ORA-01031: insufficient privileges
  ORA-06512: at line 3
  OK, I'll grant a priv.
  SQL> connect system/manager@testdb
  SQL> GRANT administer DATABASE TRIGGER TO "SCOTT";
  SQL> connect scott/tiger@testdb
  Connected.
  Good, only *.trc file is empty after that and there is no trace information for analyse.
  Could you please give me a solution?
  Mikhail

  can't find any *.trc & alert files relevant current time 20080329:20.34
  only this
  29.03.2008 18:20 72 583 nmuALRT.LOG
  25.03.2008 22:22 600 nmuARC0.TRC
  but the last connection I've made
  20080329:20.34
  SQL> connect SCOTT/[email protected]
  ERROR:
  ORA-00604: error occurred at recursive SQL level 1
  ORA-01031: insufficient privileges
  ORA-06512: at line 3
  this is the files
  ---nmuALRT.LOG---
  Dump file C:\oracle\admin\nmu\bdump\nmuALRT.LOG
  Sat Mar 22 17:58:46 2008
  ORACLE V8.1.7.0.0 - Production vsnsta=0
  vsnsql=e vsnxtr=3
  Windows 2000 Version 5.1 Service Pack 2, CPU type 586
  Starting up ORACLE RDBMS Version: 8.1.7.0.0.
  System parameters with non-default values:
  processes = 150
  shared_pool_size = 52428800
  large_pool_size = 614400
  java_pool_size = 20971520
  control_files = C:\oracle\oradata\nmu\control01.ctl, C:\oracle\oradata\nmu\control02.ctl, C:\oracle\oradata\nmu\control03.ctl
  db_block_buffers = 19200
  db_block_size = 8192
  compatible = 8.1.0
  log_buffer = 32768
  log_checkpoint_interval = 10000
  log_checkpoint_timeout = 1800
  db_files = 1024
  db_file_multiblock_read_count= 8
  max_enabled_roles = 30
  remote_login_passwordfile= EXCLUSIVE
  global_names = TRUE
  distributed_transactions = 500
  instance_name = nmu
  service_names = nmu
  mts_dispatchers = (PROTOCOL=TCP)(PRE=oracle.aurora.server.SGiopServer)
  open_links = 4
  sort_area_size = 65536
  sort_area_retained_size = 65536
  db_name = nmu
  open_cursors = 300
  os_authent_prefix =
  job_queue_processes = 0
  job_queue_interval = 10
  parallel_max_servers = 5
  background_dump_dest = C:\oracle\admin\nmu\bdump
  user_dump_dest = C:\oracle\admin\nmu\udump
  max_dump_file_size = 10240
  oracle_trace_collection_name=
  Sat Mar 29 18:20:39 2008
  Errors in file C:\oracle\admin\nmu\udump\ORA02288.TRC:
  ORA-00604: error occurred at recursive SQL level 1
  ORA-01031: insufficient privileges
  ORA-06512: at line 3
  ---nmuARC0.TRC-----------------------------------------
  Dump file C:\oracle\admin\nmu\bdump\nmuARC0.TRC
  Tue Mar 25 22:22:38 2008
  ORACLE V8.1.7.0.0 - Production vsnsta=0
  vsnsql=e vsnxtr=3
  Windows 2000 Version 5.1 Service Pack 2, CPU type 586
  Oracle8i Enterprise Edition Release 8.1.7.0.0 - Production
  With the Partitioning option
  JServer Release 8.1.7.0.0 - Production
  Windows 2000 Version 5.1 Service Pack 2, CPU type 586
  Instance name: nmu
  Redo thread mounted by this instance: 0 <none>
  Oracle process number: 14
  Windows thread id: 2592, image: ORACLE.EXE
  *** SESSION ID:(11.1) 2008-03-25 22:22:38.428
  *** 2008-03-25 22:22:38.428

• Raise_application_error in after-logon-trigger

  Hi,
  I try to build a
  after logon on database trigger,
  this should execute some inserts into an audit-table, and if some conditions are not given, I want the user to be disconnected.
  In this forum I found this thread with a trigger similar to my needs:
  To prevent TOAD access
  But RAISE_APPLICATION_ERROR in this trigger does not cancel the session and so the user stays connected to oracle. Now I am searching for a disconnect-statement!
  Wolfram

  Wolfram,
  What we have here is
  - a post without a 4 digit database version. Most questions have a version specific answer. The behavior you describe does not apply to all versions, and might even apply to SYSDBA connected users only. Is everyone connecting as SYSDBA?
  - a post without a proper description of what the trigger does, and without a proper description of the business need. This is especially important as you seem to re-invent AUDIT CONNECT.
  - a post from someone who already thinks he knows the answer.
  Rest assured: there is no disconnect statement in PL/SQL
  You would really need to come up with more details
  - database version, 4 digits
  - the actual trigger code
  - what you are trying to accomplish in terms of business requirements
  - why you can't use AUDIT
  Sybrand Bakker
  Senior Oracle DBA

• No Outgoing calls to outside after ASA5505 intallation

  Hi,
  I have a asterix PBX running my system and I upgraded my security with a cisco ASA 5505. Now all the extensions are working including the remote once. Everything elase like internet... other servers all working fine. Only problem is that when ever someone dials a landline number from an extension it does not go through.... seems like the firewall is blocking it but I cannot figure out why or how. All the NAT and Access list is fine. Although I have no idea how to accept the SIP PROXY IP through the firewall and I am guessing that might be the problem.  There is no any other problem and I am 100% satisfied with the ASA5505 except this problem... Any help is appreciated..
  Thanks
  Amal

  Results
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect ip-options
  Thanks in advance

• Trigger after logon

  Hi,
  I created a trigger to avoid users to run commands outside the Forms/Reports environment, which means they must execute their commands using the Application servers (App1 and App2, machine column, in v$session).
  I need to send them the message "YOU MUST RUN YOUR COMMANDS USING FORMS" when a user called TST01 is TRYING to connect to the database , running Forms outside App1 or App2 machines .
  Here is the code:
  CREATE OR REPLACE TRIGGER tr_lock_user_out_forms
  AFTER LOGON ON DATABASE
  DECLARE
  v_user sys.v_$session.username%TYPE;
  v_mac sys.v_$session.machine%TYPE;
  BEGIN
  SELECT username, machine
  INTO v_user, v_mac
  FROM sys.v_$session
  WHERE audsid = USERENV('SESSIONID')
  AND audsid != 0
  AND ROWNUM = 1;
  EXCEPTION WHEN NO_DATA_FOUND THEN NULL;
  IF (UPPER(v_user) = 'TST01') THEN
  BEGIN
       IF LOWER(v_mac) NOT IN ('app1', 'app2')
       THEN
            RAISE_APPLICATION_ERROR(-20000, 'YOU MUST RUN YOUR COMMANDS USING FORMS');
       END IF;
  END;
  END IF;
  END;
  SHOW ERRORS
  It's allowing user TST01 to connect to the db. Do you guys have any idea ?
  Thanks in advance.

  Thanks for the replies,
  Naresh , the idea is to avoid users to connect to the DB without using Oracle Forms, and the message that the user would receive could be "PLEASE, CONNECT TO THE DATABASE USING FORMS ON AAP1 OR APP2" (sorry if the message I wrote before was unclear).
  So, the users could not even connect to the DB if they are not login using Forms. Your idea is good but we have 3.000 tables for this user to access, and as after update cannot be used in schema or database levels, I think it won't worth using this event.
  I'm trying other code but if any of you guys have another idea to correct the code below it'd be nice.
  Thkx in advance.

• Calling of Stored Procedure in After Insert Trigger

  Can I call a Stored Procedure in After Insert Trigger ?
  Please send a sample code (good example) of After Insert Trigger.
  Thanks.

  Kishore,
  I have two table WLCS_ORDER, WLCS_ORDER_LINE
  WLCS_ORDER - It holds order header information like
  ORDER_ID
  CUSTOMER_ID
  TRANSACTION_ID
  STATUS
  ORDER_DATE
  SHIPPING_METHOD
  SHIPPING_AMOUNT
  SHIPPING_CURRENCY
  PRICE_AMOUNT
  PRICE_CURRENCY
  SHIPPING_GEOCODE
  SHIPPING_STREET1
  SHIPPING_STREET2
  SHIPPING_CITY
  SHIPPING_STATE
  SHIPPING_COUNTRY
  SHIPPING_POBOX
  SHIPPING_COUNTY
  SHIPPING_POSTAL_CODE
  SHIPPING_POSTAL_CODE_TYPE
  SPECIAL_INSTRUCTIONS
  SPLITTING_PREFERENCE
  ORDER_SUBTOTAL
  WLCS_ORDER_LINE - It holds all order lines information like
  ORDER_LINE_ID
  QUANTITY
  PRODUCT_ID
  TAX_AMOUNT
  TAX_CURRENCY
  SHIPPING_AMOUNT
  SHIPPING_CURRENCY
  UNIT_PRICE_AMOUNT
  UNIT_PRICE_CURRENCY
  MSRP_AMOUNT
  MSRP_CURRENCY
  DESCRIPTION
  ORDER_ID
  TOTAL_LINE_AMOUNT
  Relation between WLCS_ORDER, WLCS_ORDER_LINE is one to many.
  For each WLCS_ORDER row, one or more order lines will insert into WLCS_ORDER_LINE table.
  For each new row in WLCS_ORDER table, I have to update the following columns in both the tables with my maths.
  WLCS_ORDER
  shipping_amount
  price_amount
  order_subtotal
  WLCS_ORDER_LINE
  shipping_amount
  I thought I can do this in after insert trigger, But if it is not possible, Please give the best way to fulfill this requirement.
  I appreciate your help.
  Have a great day.
  Srinivas

• After Logon on Database Trigger Not Working From Client Terminal

  Hi Every One
  I Have a Problem, I'am Using Oracle 10g R2, I'd Written After Logon on Database Trigger, I'd Written The Trigger Under The Under The User With DBA Privileges, and it is work Fine, but it is work only when i Logon On The Database from The Server Terminal with any user, and If Logon From any Other Terminal It Is Not Work,
  Can any One Know The Reason, Please Help me
  Yasser Mokhtar

  Please post the trigger code.

• Calling java host command in trigger/PLSQL

  I created a java call to execute a linux host command that calls a shell script that will echo out a result. It is owned by SYS and has granted execute to SYSTEM. SYSTEM has a table that monitors accesses to the RDBMS. When a user logs on from a remote server vis sqlplus, this LOGON trigger write to the SYSTEM table (successfully). SYSTEM has a trigger that runs a linux command to execute a shell script that pulls the actual IP address from the remote system. I can run this call from a PLSQL block (outside the trigger) and get a response back like "user:101.101.101.111" but when I have the same user log on, the trigger fires - no errors or exceptions yet no rows are returned. Is there some restriction in a trigger versus just a plsql block call? The java code used is what I found on (http://www.oracle-base.com/articles/8i/ ... mPLSQL.php) and it works perfectly OUTSIDE the trigger but nothing is returned in the trigger firing steps. Any idea?
  rdbms: 11.1.0.7, Redhat 4
  I know the code works because I can write the host command output to a file. Later in the trigger I can open the file and can read the data that should have been returned in the java host call.

  FYI - here is the code from your site that I used:
  DROP JAVA SOURCE SYS."Host";
  CREATE OR REPLACE AND RESOLVE JAVA SOURCE NAMED SYS."Host" as import java.io.*;
  public class Host {
  public static void executeCommand(String command) {
  try {
  String[] finalCommand;
  if (isWindows()) {
  finalCommand = new String[4];
  // Use the appropriate path for your windows version.
  finalCommand[0] = "C:\\windows\\system32\\cmd.exe"; // Windows XP/2003
  //finalCommand[0] = "C:\\winnt\\system32\\cmd.exe"; // Windows NT/2000
  finalCommand[1] = "/y";
  finalCommand[2] = "/c";
  finalCommand[3] = command;
  else {
  finalCommand = new String[3];
  finalCommand[0] = "/bin/sh";
  finalCommand[1] = "-c";
  finalCommand[2] = command;
  final Process pr = Runtime.getRuntime().exec(finalCommand);
  pr.waitFor();
  new Thread(new Runnable(){
  public void run() {
  BufferedReader br_in = null;
  try {
  br_in = new BufferedReader(new InputStreamReader(pr.getInputStream()));
  String buff = null;
  while ((buff = br_in.readLine()) != null) {
  System.out.println("Cmd results: " + buff);
  try {Thread.sleep(100); } catch(Exception e) {}
  br_in.close();
  catch (IOException ioe) {
  System.out.println("Exception caught printing process output.");
  ioe.printStackTrace();
  finally {
  try {
  br_in.close();
  } catch (Exception ex) {}
  }).start();
  new Thread(new Runnable(){
  public void run() {
  BufferedReader br_err = null;
  try {
  br_err = new BufferedReader(new InputStreamReader(pr.getErrorStream()));
  String buff = null;
  while ((buff = br_err.readLine()) != null) {
  System.out.println("Cmd Error: " + buff);
  try {Thread.sleep(100); } catch(Exception e) {}
  br_err.close();
  catch (IOException ioe) {
  System.out.println("Exception caught printing process error.");
  ioe.printStackTrace();
  finally {
  try {
  br_err.close();
  } catch (Exception ex) {}
  }).start();
  catch (Exception ex) {
  System.out.println(ex.getLocalizedMessage());
  public static boolean isWindows() {
  if (System.getProperty("os.name").toLowerCase().indexOf("windows") != -1)
  return true;
  else
  return false;
  /

• AUTHENICATE SSO RAD INFO IN LOGON TRIGGER IN 10G FORM?

  I've been trying to add a LOGON Trigger to my Oracle 10g Form to check my RADs after logging into SSO.
  I'm having a problem setting up multiple Config's for multiple RADs. I have about 7different applications that I would like to log into but would like to log into the SSO just once. But for some reason each application is asking for a SSO log in.

  Hi!
  This is a webutil-restriction.
  You cannot use webutil in triggers that fires before the form has complete focus.
  Like pre-form, when-new-form-instance and on-logon triggers.
  In a when-new-form-instance trigger create a timer, let's say 200 millisconds long.
  In a when-timer-expired trigger you can call webutil.
  May you put your configuration-file on the server and use d2kwut !
  Regards.

• Exporting LOGON trigger with per schema filtering

  I am using the datapump on 10.2g (on linux) to export three schemas. I am using the "SCHEMA" option in the dbms_datapump.open() procedure and then using the metadata_filter with the SCHEMA_EXPR option to limit down to my three schema. I also do some data filtering after that. Works great, except...
  I found that we have one LOGON trigger which is NOT getting exported. The trigger IS owned by one of the schemas i am exporting. But, I think that because this is a "system event trigger", rather than a table based trigger, it will not export using the SCHEMA export mode. True ?
  I tried switching to the FULL export mode, but then I can not find a way to limit the export to the three schemas.
  All the exporting/importing is being done as system, so I don't think this is a priveledge issue.
  Ideas? How to datapump specific schemas and also get the system event triggers owned by those schemas ?
  Thanks very much for your help.
  Bill Clery

  Sure. Here is the trigger that is NOT exporting as part of the Schema export. We have a Schema called ReportView. In that schema are many views, one table, one package, and one trigger (below). Everything except the trigger is getting exported and then imported.
  CREATE OR REPLACE TRIGGER reportview.startsess AFTER LOGON ON reportview.SCHEMA
  BEGIN
  reportview.reportapi.AutoLoadPIT();
  END startsess;
  The initiation of the export was done like this
  PumpHandle := dbms_datapump.open('EXPORT','SCHEMA',NULL, JobName,'LATEST');
  dbms_datapump.set_parallel(PumpHandle, 1);
  dbms_datapump.metadata_filter(PumpHandle, 'SCHEMA_EXPR', 'IN (''ERIKSYSCORE'',''RBSAPPCORE'',''REPORTVIEW'')');
  dbms_datapump.add_file(...)
  dbms_datapump.data_filter(...)
  dbms_datapump.data_filter(...)
  dbms_datapump.start_job(PumpHandle);
  dbms_datapump.detach(PumpHandle);
  I tried swtiching to the "FULL" method and using the NAME_EXPR to filter down to the same schemas, but could not get this working.
  PumpHandle := dbms_datapump.open('EXPORT','FULL',NULL, JobName,'LATEST');
  dbms_datapump.set_parallel(PumpHandle, 1);
  dbms_datapump.metadata_filter(PumpHandle, 'NAME_EXPR', ???? );

• Logon trigger not working over DB-Link?

  Hi all,
  I have a serious question about accessing tables over a database link.
  I have three schema:
  DATA@SOURCE
  INTERFACE@SOURCE
  WORK@TARGET
  Schema DATA has one table called T1
  The INTERFACE schema has select privileges on all tables from DATA. Furthermore schema INTERFACE has a logon trigger to change the "current schema" to DATA:
  CREATE OR REPLACE TRIGGER TRG_A_LOGIN_SET_SCHEMA AFTER LOGON
  ON INTERFACE.SCHEMA
  BEGIN
  execute immediate 'ALTER SESSION SET CURRENT_SCHEMA = DATA';
  END;
  The WORK schema has a database link to the INTERFACE schema called INT_DB_LINK.
  I am now logged into schema WORK on the TARGET database and I am executing following statement:
  select a from T1@INT_DB_LINK
  -> it's working
  Next I execute
  declare
    cursor c is 
    select a
      from T1@INT_DB_LINK
     where rownum<2;
  begin
    for r in c loop
      null;
    end loop;
  end;
  This is not working. Error message is ORA-000942: table or view does not exist.
  But why?
  Can anyone help me?
  Thanks in advance
  Py

  Hi all,
  after a long, very long search I found what caused this strange behaviour.
  The ORA- Error was not raised by the SQL-Execution-Engine but by the SQL-Parser/SQL-Validation.
  As the second statement is an anonymous SQL block the Oracle Parser checks all objects dependencies before execution.
  This means a connection is established from TARGET to SOURCE checking if table T1 is available. The strange thing is
  that on this connection the "ALTER SESSION" trigger is not fired. So the parser does not find object T1 in schema INTERFACE.
  If I create an empty table T1 in INTERFACE the anonymous block gets parsed/validated and the statement is executed. But this
  time the block does a normal "connect session" and the trigger is fired. This means the statements accesses the T1 table in
  schema DATA. (But T1 in INTERFACE has to be existent that parse/validation works)
  I don't know if this is a bug or a feature.
  To workaround this I have created private synonyms in schema INTERFACE pointing to the objects in DATA.
  Thanks for your help!
  Py
  regarding the other qestion:
  Yes, permissions are granted over a role.

• Using Database Change Notification instead of After Insert Trigger

  Hello guys! I have an after insert trigger that calls a procedure, which in turn is doing an update or insert on another table. Due to mutating table errors I declared the trigger and procedure as autonomously transactional. The problem is, that old values of my main tables are inserted into the subtable since the after insert/update trigger is fired before the commit.
  My question is how can I solve that and how could I use the change notification package to call my procedure? I now that this notification is only started after a DML/DDL action has been commited on a table.
  If you could show me how to carry out the following code with a Database Change Notification I'd be delighted. Furthermore I need to know if it suffices to set up this notification only once or for each client seperately?
  Many thanks for your help and expertise!
  Regards,
  Sebastian
  declare
  cnumber number (6);
  begin
  select count(*) into cnumber from (
  select case when (select date_datum
      from
        (select f.date_datum,
          row_number() over (order by f.objectid desc) rn
        from borki.fangzahlen f
        where lng_falle      = :new.lng_falle
        and int_fallennummer = :new.int_fallennummer
        and lng_schaedling   = :new.lng_schaedling
        and date_datum       > '31.03.2010'
      where rn=1) < (select date_datum
      from
        (select f.date_datum,
          row_number() over (order by f.objectid desc) rn
        from borki.fangzahlen f
        where lng_falle      = :new.lng_falle
        and int_fallennummer = :new.int_fallennummer
        and lng_schaedling   = :new.lng_schaedling
        and date_datum       > '31.03.2010'
      where rn=2) then 1 end as action from borki.fangzahlen
          where lng_falle      = :new.lng_falle
          and int_fallennummer = :new.int_fallennummer
          and lng_schaedling   = :new.lng_schaedling
          and date_datum       > '31.03.2010') where action = 1;
  if cnumber != 0 then
  delete from borki.tbl_test where lng_falle = :new.lng_falle
  and int_fallennummer = :new.int_fallennummer
  and lng_schaedling   = :new.lng_schaedling
  and date_datum       > '31.03.2010';
  commit;     
  pr_fangzahlen_tw_sync_sk(:new.lng_falle, :new.int_fallennummer, :new.lng_schaedling);

  It looks like you have an error in line 37 of your code. Once you fix that the problem should be resolved.