Checking Module to Prevent SQL Plus usage on Database

I have a question regarding logon triggers checking against SYS_CONTEXT('USERENV', 'MODULE'). I created a logon trigger that looks for SYS_CONTEXT('USERENV', 'MODULE') = 'SQLPLUS.EXE'
and if it matches then it only allows specified users to log in to the database. This code works but I am confused as to why when I check SYS_CONTEXT('USERENV', 'MODULE') after I login in
shows SQL*Plus which clearly does not match my IF statement in my logon trigger.
Second issue. If I rename sqlplus.exe to jeff.exe and run it I am abled to log in to the database as a non DBA user. But the module still shows as SQL*Plus. Why is this?
Database Version: 11.2.0.2 64bit
OS: Windows Server 2003 R2
Client: 11.2.0.1
/*********************Create Trigger******************************/
CREATE OR REPLACE TRIGGER application_check_al
  after logon ON database 
DECLARE
  l_username VARCHAR2(20);
  l_module   VARCHAR2(20);
BEGIN
  l_username := SYS_CONTEXT('USERENV', 'SESSION_USER');
  l_module   := UPPER(SYS_CONTEXT('USERENV', 'MODULE'));
  IF l_module LIKE 'SQLPLUS.EXE' AND
     l_username NOT IN ('SYS', 'SYSTEM', 'DVOWNER', 'DVMGR') THEN
    raise_application_error(-20001, 'SQLPLUS ACCESS RESTRICTED FOR NON DBA USERS');
  END IF;
END application_check_al;
/*********************Run SQLPLUS******************************/
SQL*Plus: Release 11.2.0.1.0 Production on Wed Mar 7 12:22:23 2012
Copyright (c) 1982, 2010, Oracle.  All rights reserved.
Enter user-name: jeffc@dev
Enter password:
ERROR:
ORA-00604: error occurred at recursive SQL level 1
ORA-20001: SQLPLUS ACCESS RESTRICTED FOR NON DBA USERS
ORA-06512: at line 10
Enter user-name: system@dev
Enter password:
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production
With the Partitioning, OLAP, Data Mining, Oracle Database Vault
and Real Application Testing options
system@dev> select sys_context('USERENV','MODULE') from dual;
SYS_CONTEXT('USERENV','MODULE')
SQL*Plus
SQL>

jeff81 wrote:
That doesn't make sense. Why am I able to log in when I renamed the exe? And why does the module still show as SQL*Plus?You are right - it does not make sense. The idea that Oracle might perhaps set module to SQLPLUS.EXE on executable start, and then re set from SQLPLUS.EXE to SQL*Plus after connect, or in glogin.sql, to ensure it is consistent across all operating system never crossed my mind.
You might want to refer to Support Note "SQL*Plus Session/Module is Not Showing in V$SESSION" [ID 1312340.1] to see whether anything in there helps. I'm pretty sure http://docs.oracle.com/cd/E11882_01/server.112/e16604/ch_twelve040.htm#i2698573 doesn't help much, though.
I'd certainly be raising it with Support as a potential security challenge, to get that potential hole closed.
Edited by: Hans Forbrich on Mar 7, 2012 2:23 PM
I wonder whether Oracle put that capability in there - if an untained SQLPLUS.EXE, it tells you that it is SQLPLUS.EXE, but if renamed it tells you 'SQL*Plus'? Specuklation, but it is one thing I might do to subtly raise the flag. Best bet - ask Support.
Edited by: Hans Forbrich on Mar 7, 2012 2:29 PM

Similar Messages

  • Problem in starting SQL*PLUS in oracle database 10g

    Hi
    Well I am facing one problem while starting SQL*PLUS in oracle database 10g
    ERROR - "Procedure entry point longjmp could not be located in dynamic link library orauts.dll"
    This has happened when I installed Oracle Database 11g on same machine and when I deinstalled Oracle 11g then SQL*PLUS is started...no error came
    Can anybody tell me the reason please...

    hi
    pls im having the same problem but in my own case i installed oracle apex using 11g.
    im env variable is:
    C:\Oracle\product\10.1.0\Client_1\bin;C:\Oracle\product\10.1.0\Client_1\jre\1.4.2\bin\client;C:\Oracle\product\10.1.0\Client_1\jre\1.4.2\bin;C:\app\Xty\product\11.2.0\dbhome_1\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;;C:\Program Files\TortoiseSVN\bin;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Microsoft SQL Server\90\DTS\Binn\;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\
    pls which is my apex_home so i can interchange it?
    i also have oracle 10g client installed

  • Limitation in using sql *plus as a database for applications

    dear experts;
    I would like to know all, what are some of the major limitations in using sql*plus as your database in designing application besides the fact the user-interface is not friendly enough..and google is not producing relevant answers to my questions by the way unfortunately

    user13328581 wrote:
    I know about the drivers, I just need an IDE very similar to PL/SQL developer that will give me an opportunity to create the tables and their relationships and perform other DDL tasks that is why initially i was just wondering whether it is okay to utilize sql*plus for all that...SQLPlus can process any valid sql statement. Actually, it will pass anything that is not a sqlplus command to the database to be processed. The database will process any valid sql statement and pass the result back to the client to do with as the client sees fit - the client being sqlplus in this case.
    Which is exactly what SQL Developer does. You say you want something "very similar to PL/SQL developer ". Why not SQL Developer itself?
    It sounds like you continue to confuse the database with the client application. ("what are some of the major limitations in using sql*plus as your database ...", "I need an oracle database which can be integrated with visual studio ")
    The database has no user interface at all. It accepts connection requests from clients, processes sql statements (or pl/sql blocks) passed from those clients and returns results to those clients. Those clients could be sqlplus, SQL Developer, Toad, Visual Basic, Access, Excel, or any number of other products -- all connecting to the same database at the same time, to do whatever they are programmed to do. You want to develop an app in visual studio? Be my guest. You want to use SQL Developer to create the tables, etc, needed by the app? Go right ahead. They are not mutually exclusive. You want to use sqlplus as well? Go ahead, it's the same database, just a different client app.

  • Access database issue in SQL Plus

    Hi Friends,
    I download a oracle 10g to install sql Plus without create database. (I download client and does not find SQL Plus)
    I can ping database server from client PC and also set up a TNS.
    However I got a error ORA 12504 --TNS:listener was not start.
    I can access database by sql plua from server side. I do not think we need to put a listener file in client PC under admin path.
    my database set as RAC module and system as window 2003
    how to fix this issue?
    Thanks,
    JIm

    OK, just to be clear, you have a single client machine where you have installed something with the 10g label. Are you saying that you installed the Oracle database bits, but did not create a database? Rather than doing a client-only install? Is there a single Oracle home on the client machine?
    And then you have a RAC database running on multiple Windows 2003 servers, right? Is there a listener running for this RAC database? Can you connect to it from other client machines?
    Are you certain that the service name you specified in the client machine's tnsnames.ora file matches the service the listener is listening for?
    Justin

  • URGENT - cannot log in to SQL Plus on Oracle 8i

    Hi, I have Oracle 8i (8.1.6.0.0) installed on windows 98.
    I want to use the SQL Plus module, but I have trouble to login SQL plus, and I an get error message:
    ORA-12560: TNS:Protocol adapter error
    I supposed the default username and password as follows:
    SYS/CHANGE_ON_INSTALL
    SYSTEM/MANAGER
    SCOTT/TIGER
    Am I using the correct version or edition (which I also don't know which edition)? Does windows 98 supports SQL Plus?
    I was told to set up a database by selecting database administration then follow by database configuration assistant (in order to use the SQL Plus, firstly a database have to set up). I'm not sure whether this is true? but inside the database administration I don't have the so call "database configuration assistant". Can someone please help me?
    Thanks a lot in advance!

    I hope you can help, I'm in the same boat as the others who cannot log on to the SQL* using Oracle Personal Edition 8
    I'm running on 98, and everytime I try entering SYS as username & CHANGE_ON_INSTALL as password, or SYSTEM as username & MANAGER as password; I get:
    ORA-01034: ORACLE not available
    ORA-27101: Shared memory realm does not exist
    I've been trying for a number of days, and have created databases using the Database config assistant, and everytime, it gives me the details as SYS CHANGE_ON_INSTALL etc, but it still doesn't let me log into SQL*
    Any help would be gratefully received,
    Patrick

  • Restricting the user to operate DML's from SQL PLUS Environment

    how to Restrict the user to operate DML statements from SQL PLUS Environment.

    Once you restrict SCOTT user to not be able to do an INSERT command, the SQL*Plus returns an error for user SCOTT when he tries to execute an INSERT statement.
    Note however, that this is enforced by SQL*Plus, not the database!
    Look into the use of product_user_profile from Oracle documentation for more information.
    SQL> insert into product_user_profile values('SQL*Plus', 'SCOTT', 'INSERT', NULL, NULL, 'DISABLED', NULL, NULL) ;
    1 row created.
    SQL> commit ;
    Commit complete.
    SQL> disconnect
    Disconnected from Oracle9i Enterprise Edition Release 9.2.0.3.0 - Production
    With the Partitioning, OLAP and Oracle Data Mining options
    JServer Release 9.2.0.3.0 - Production
    SQL>
    SQL> connect scott
    Enter password:
    Connected.
    SQL>
    SQL> insert into emp select * from emp ;
    SP2-0544: invalid command: insert
    SQL>
    SQL>

  • Problem logging in sql plus

    If you are running Personal Oracle, you do not need to give host
    string to log in SQL Plus. However, database should be started
    up first.
    In order to run SQL Plus on a client workstation in client-
    server environment, you should create a host string using Net
    Easy Configuration. If you have created 'ORACLE' as the host
    string, it is OK. You will also have to start a listener.

    sorry I was trying to reply to a post I read and had this
    happen. Please ignore this.

  • Official link to download sql*plus (linux)  for 10g  database

    Good Morning to all ;
    Can anyone provide official link to download sql*plus for 10g database ?
    I am using Virtual machine version 7. I want to configure SQL*Plus utility in my virtual machine ..
    Please provide any official link or torrent link. It's for our learning purpose.
    Thanks in advance ..
    OS : REDHAT5, OEL 5
    VMWARE : Version 7
    Product : 10g R2

    Hello ;
    I can't be enable SQL* Plus in my VMWARE.
    *$ unzip instantclient-sqlplus-linuxppc32-10.2.0.1-20051121.zip*
    Archive: instantclient-sqlplus-linuxppc32-10.2.0.1-20051121.zip
    inflating: instantclient_10_2/glogin.sql
    inflating: instantclient_10_2/libsqlplus.so
    inflating: instantclient_10_2/libsqlplusic.so
    inflating: instantclient_10_2/sqlplus
    *[oracle@rhel5 SHARE]$ cd instantclient_10_2/*
    [oracle@rhel5 instantclient_10_2]$ ls -l
    total 1135
    -r-xr-xr-x 1 root root 1525 Nov 12 2005 glogin.sql
    -rwxrwxrwx 1 root root 1445591 Nov 12 2005 libsqlplusic.so
    -rwxrwxrwx 1 root root 857299 Nov 12 2005 libsqlplus.so
    -rwxrwxrwx 1 root root 18391 Nov 12 2005 sqlplus
    *./sqlplus*
    bash: ./sqlplus: cannot execute binary file
    Please provide me the steps to continue ..

  • SQL*PLUS를 사용하여 SQL SCRIPT를 동적으로 생성, 수행

    제품 : SQL*PLUS
    작성날짜 : 2003-05-29
    이 Documents 는 SQL 과 SQL*PLUS를 동적으로 생성하고 수행하는 방법을
    소개하고 있다. 이를 위해 자주 사용하는 3가지 사용 예를 소개한다.
    이 Document는 다음과 같이 구성되어져 있다.
    1. CREATING A DYNAMIC DROP TABLE SCRIPT
    2. CREATING A DYNAMIC GRANT PRIVILEGES SCRIPT
    3. CREATING A DYNAMIC SCRIPT TO SET SQL PROMPT TO DATABASE NAME
    1. CREATING A DYNAMIC DROP TABLE SCRIPT
    개발 과정 중 우리는 Table을 Drop하고 Original Data를 Import하는 작업을
    빈번하게 수행하는데, 이 때 개개의 Drop 문을 사용하지 않고
    SET_UP_DROP.SQL 이라 불리우는 다음의 Script를 사용한다.
    set heading off
    set feedback off
    spool drop_all.sql
    select 'drop table'||table_name||';'from user_tables;
    spool off
    set feedback on
    start drop_all.sql
    DROP_ALL.SQL script 는 다음과 같다.
    drop table DEPT;
    drop table BONUS;
    drop table SALGRADE;
    drop table DUMMY;
    drop table CUSTOMER;
    drop table ORD;
    drop table ITEM;
    drop table PRODUCT;
    drop table PRICE;
    2. CREATING A DYNAMIC GRANT PRIVILEGES SCRIPT
    자신의 모든 Table 을 다른 사람에게 SELECT 권한을 부여하고자 할 때 다음
    의 SET_UP_GRANT.SQL 을 이용하면 빠르고 손쉽게 해결할 수 있다.
    set heading off
    set feedback off
    spool grant_all.sql
    select 'grant select on'||table_name||'to SCOTT;'from user_tables;
    spool off
    set feedback on
    start grant_all.sql
    GRANT_ALL.SQL 의 script 는 다음과 같다.
    grant select on DEPT to SCOTT;
    grant select on BONUS to SCOTT;
    grant select on SALGRADE to SCOTT;
    grant select on DUMMY to SCOTT;
    grant select on CUSTOMER to SCOTT;
    grant select on ORD to SCOTT;
    grant select on ITEM to SCOTT;
    grant select on PRODUCT to SCOTT;
    grant select on PRICE to SCOTT;
    3. CREATING A DYNAMIC SCRIPT TO SET SQL PROMPT TO DATABASE NAME
    위의 개념들을 보다 더 잘 사용하기 위해서는 SQL Prompt를 자신의
    Database로 변환해주는 SET_UP_PROMPT.SQL Script를 login.sql File 에
    추가시켜 자동적으로 SQL*PLUS를 불러 올 수 있게 한다.
    이는 Multiple Databases에 유용하다.
    set termout off
    set heading off
    set feedback off
    spool set_prompt.sql
    select 'set sqlprompt'||value||'>"from v$parameter
    where name='db_name';
    spool off
    start set_prompt.sql
    SET_PROMPT.SQL 은 다음과 같다.
    set sqlprompt V734>
    V$PARAMETER 는 Dynamic Performance Table 의 View 이다. Install 후 SYS
    user만이 Dynamic Performance Table을 수행할 수 있으므로 위의 Script를
    사용하기 위해 View를 Create 하거나 User에게 Access 권한을 부여하여야
    한다.
    Reference Documents
    <Note:17387.1>

  • SQL Program better than SQL*Plus

    Hello
    Do you know any program better than SQL*Plus for Oracle Database?
    I also know TOAD and SQL Navigator, is there any other
    If yes where can I download it ?
    Thanks in advance.

    Hi Kurt.
    RoboSource Control to my knowledge hasn't been developed in recent releases. It is essentially the same product that existed years ago. It works, but does not have a lot of users. Most people, including myself, prefer to use third party products such as Perforce, SVN.
    As RoboSource Control is an old product and isn't widely used, I doubt whether anyone has tried using it on SQL Server Express 2012. That is not to say it won't work on it though.

  • SQL * Plus - forward slash usage

    I have package spec and body in separate files, i have 2 packages, so i have 4 files in total.
    I want to install the 2 packages using "SQL * Plus", but how the install-script should look like. I don't understand how and where to use "sql * plus" command "forward-slash" "/".
    Should it be like this:
    spec_file_1
    body_file_1
    spec_file_1
    body_file_1
    Or how the "/" should be used? Only ones at the end? I don't understand.

    You can write a single file this way:
    create or replace package a is
    end;
    create or replace package body a is
    end;
    create or replace package b is
    end;
    create or replace package body b is
    end;
    /And then run it in sqlplus this way:
    SQL >@a.sqlor multiple files this way:
    create or replace package a is
    end;
    create or replace package body a is
    end;
    create or replace package b is
    end;
    create or replace package body b is
    end;
    /And then run them in sqlplus this way:
    SQL >@a.sql
    SQL >@b.sql
    SQL >@c.sql
    SQL >@d.sqlOr write a file e that runs a,b,c,d this way:
    @a.sql
    @b.sql
    @c.sql
    @d.sqlAnd then run it in sqlplus this way:
    SQL >@e.sqlIn the previous examples the slash is always at the end of each CREATE...END;
    This is not compulsory. In the last example you could remove the slashes from the files a,b,c,d and write the file e this way:
    @a.sql
    @b.sql
    @c.sql
    @d.sql
    /This works anyway.
    Max
    [My Italian Oracle blog|http://oracleitalia.wordpress.com/2010/01/23/la-forza-del-foglio-di-calcolo-in-una-query-la-clausola-model/]
    Edited by: Massimo Ruocchio on Jan 26, 2010 9:20 AM
    typos

  • SQL*Plus and NLS_DATE_FORMAT

    So, I haven't visited this topic in a long time, so I'm trying to refresh my memory on how everything works ...
    We set our NLS_DATE_FORMAT at the system level ... what ... 4 years ago to 'MM/DD/RR'. Despite the fact that I set this to something more commonly-used than the default of 'DD-Mon-RR', we've adopted the standard of always using TO_DATE() with an explicit format, just in case it's ever changed.
    There were some applications that missed the standard, and now that a driver (for ColdFusion) has been updated, these SQL statements are now failing.
    When I started looking into it, I realized that the system-level default of 'MM/DD/RR' should work fine. But, after experimenting in SQL*Plus and TOAD, I am thinking that either:
    1) the system-level format is not being used
    2) and/or there are login scripts which are setting these to something else
    Coincidentally, both SQL*Plus and TOAD return the exact same query results:
    SQL> select *
         from NLS_INSTANCE_PARAMETERS
         where parameter = 'NLS_DATE_FORMAT';
    PARAMETER                      VALUE
    NLS_DATE_FORMAT                MM/DD/RR
    SQL> select *
         from NLS_SESSION_PARAMETERS
         where parameter = 'NLS_DATE_FORMAT';
    PARAMETER                      VALUE
    NLS_DATE_FORMAT                DD-MON-RRSo I looked into the glogin.sql script (which both tools share), and there's nothing mentioned about the NLS_DATE_FORMAT
    -- Copyright (c) 1988, 2003, Oracle Corporation. 
    -- All Rights Reserved.
    -- NAME
    --   glogin.sql
    -- DESCRIPTION
    --   SQL*Plus global login "site profile" file
    --   Add any SQL*Plus commands here that are to
    --   be executed when a user starts SQL*Plus, or
    --   uses the SQL*Plus CONNECT command
    -- USAGE
    --   This script is automatically run
    -- Used by Trusted Oracle
    COLUMN ROWLABEL FORMAT A15
    -- Used for the SHOW ERRORS command
    COLUMN LINE/COL FORMAT A8
    COLUMN ERROR    FORMAT A65  WORD_WRAPPED
    -- Used for the SHOW SGA command
    COLUMN name_col_plus_show_sga FORMAT a24
    COLUMN units_col_plus_show_sga FORMAT a15
    -- Defaults for SHOW PARAMETERS
    COLUMN name_col_plus_show_param FORMAT a36 HEADING NAME
    COLUMN value_col_plus_show_param FORMAT a30 HEADING VALUE
    -- Defaults for SHOW RECYCLEBIN
    COLUMN origname_plus_show_recyc   FORMAT a16 HEADING 'ORIGINAL NAME'
    COLUMN objectname_plus_show_recyc FORMAT a30 HEADING 'RECYCLEBIN NAME'
    COLUMN objtype_plus_show_recyc    FORMAT a12 HEADING 'OBJECT TYPE'
    COLUMN droptime_plus_show_recyc   FORMAT a19 HEADING 'DROP TIME'
    -- Defaults for SET AUTOTRACE EXPLAIN report
    COLUMN id_plus_exp FORMAT 990 HEADING i
    COLUMN parent_id_plus_exp FORMAT 990 HEADING p
    COLUMN plan_plus_exp FORMAT a60
    COLUMN object_node_plus_exp FORMAT a8
    COLUMN other_tag_plus_exp FORMAT a29
    COLUMN other_plus_exp FORMAT a44
    -- Used to alter the TOAD environment so that users do not have to
    -- use the SET DEFINE OFF command prior to compiling code
    -- Charles Forbes 10.17.2005
    SET scan offIf I expressly go into either tool and execute, the following, setting the format to that already delcared at the system-level:
    alter session set nls_date_format = 'MM/DD/RR'Then these SQL statements start running just fine again.
    There's something that I'm missing in my basic understanding of how this works. I assumed that the driver update for ColdFusion perhaps enabled a different "glogin.sql"-type script equivalent for that tool ... until ... I started checking into how the NLS_DATE_FORMAT is supposed to work ... but isn't. Could someone help me clarify where the hole is in my understanding?
    Thanks,
    Chuck

    chuckers wrote:
    What's the difference, then, between NLS_SESSION_PARAMETERS and NLS_INSTANCE_PARAMETERS in my initial post? The glogin.sql script isn't altering the NLS_DATE_FORMAT for the desktop version of SQL*Plus, so I'm perplexed that the SESSION format differs from the INSTANCE format.NLS_SESSION_PARAMETERS are the NLS parameters that are in force for your particular session (i.e. the particular connection you have). Most client applications cause things like NLS_DATE_FORMAT to be set, overriding the NLS_INSTANCE_PARAMETERS. Instance-level NLS settings are most commonly used only for purely back-end processing (i.e. background jobs scheduled via DBMS_JOB or DBMS_SCHEDULER, etc.) 9 times out of 10, the client application is going to override the instance-level paramters.
    I even opened SQL Developer, and got
    select * from nls_session_parameters where parameter = 'NLS_DATE_FORMAT';
    PARAMETER                      VALUE                                   
    NLS_DATE_FORMAT                DD-MON-RR                               
    1 rows selected
    select * from nls_instance_parameters where parameter = 'NLS_DATE_FORMAT'
    PARAMETER                      VALUE                                   
    NLS_DATE_FORMAT                MM/DD/RR                                
    1 rows selected
    That's not unexpected. Java applications are going to use the Java regional properties at least to specify a date format. SQL Developer has a config option for the date format, so it may well be specifying a different format.
    They're all 3 (Toad, SQL*Plus, TOAD) so suspiciously consistent, that I'm questioning some of the fundamentals of the NLS setup.
    I went ahead and looked via SQL*Plus from the server-side, & things are looking more consistently in-line with my expectations:
    [oracle@dvsrvr13 ~]$ sqlplus forbesc@d13
    SQL*Plus: Release 10.1.0.4.0 - Production on Thu Mar 19 12:44:57 2009
    Copyright (c) 1982, 2005, Oracle.  All rights reserved.
    Enter password:
    Connected to:
    Oracle Database 10g Enterprise Edition Release 10.1.0.4.0 - 64bit Production
    With the Partitioning, OLAP and Data Mining options
    SQL> select * from nls_session_parameters where parameter = 'NLS_DATE_FORMAT';
    PARAMETER                      VALUE
    NLS_DATE_FORMAT                MM/DD/RR
    SQL> select * from nls_instance_parameters where parameter = 'NLS_DATE_FORMAT';
    PARAMETER                      VALUE
    NLS_DATE_FORMAT                MM/DD/RR
    SQL> exit
    Disconnected from Oracle Database 10g Enterprise Edition Release 10.1.0.4.0 - 64bit Production
    With the Partitioning, OLAP and Data Mining options
    [oracle@dvsrvr13 ~]$ locate glogin.sql
    /u01/app/oracle/product/10.1.0/db_1/sqlplus/admin/glogin.sql
    [oracle@dvsrvr13 ~]$ more /u01/app/oracle/product/10.1.0/db_1/sqlplus/admin/glogin.sql
    -- Copyright (c) 1988, 2003, Oracle Corporation.  All Rights Reserved.
    -- NAME
    --   glogin.sql
    -- DESCRIPTION
    --   SQL*Plus global login "site profile" file
    --   Add any SQL*Plus commands here that are to be executed when a
    --   user starts SQL*Plus, or uses the SQL*Plus CONNECT command
    -- USAGE
    --   This script is automatically run
    -- Used by Trusted Oracle
    COLUMN ROWLABEL FORMAT A15
    -- Used for the SHOW ERRORS command
    COLUMN LINE/COL FORMAT A8
    COLUMN ERROR    FORMAT A65  WORD_WRAPPED
    -- Used for the SHOW SGA command
    COLUMN name_col_plus_show_sga FORMAT a24
    COLUMN units_col_plus_show_sga FORMAT a15
    -- Defaults for SHOW PARAMETERS
    COLUMN name_col_plus_show_param FORMAT a36 HEADING NAME
    COLUMN value_col_plus_show_param FORMAT a30 HEADING VALUE
    -- Defaults for SHOW RECYCLEBIN
    COLUMN origname_plus_show_recyc   FORMAT a16 HEADING 'ORIGINAL NAME'
    COLUMN objectname_plus_show_recyc FORMAT a30 HEADING 'RECYCLEBIN NAME'
    COLUMN objtype_plus_show_recyc    FORMAT a12 HEADING 'OBJECT TYPE'
    COLUMN droptime_plus_show_recyc   FORMAT a19 HEADING 'DROP TIME'
    -- Defaults for SET AUTOTRACE EXPLAIN report
    COLUMN id_plus_exp FORMAT 990 HEADING i
    COLUMN parent_id_plus_exp FORMAT 990 HEADING p
    COLUMN plan_plus_exp FORMAT a60
    COLUMN object_node_plus_exp FORMAT a8
    COLUMN other_tag_plus_exp FORMAT a29
    COLUMN other_plus_exp FORMAT a44
    [oracle@dvsrvr13 ~]$ So in all, I'm just perplexed by the differences.
    --=cfI'm not surprised that SQL*Plus from the Unix database server is going to have session-level settings that match the instance-level settings because there is probably nothing set in the Unix environment that would override the instance-level settings. There is probably no NLS_LANG or NLS_DATE_FORMAT set as environment variables and probably no central place to look for regional settings. Most applications, particularly Windows and Java apps, are going to have multiple places to look for that sort of information.
    Justin

  • Prevent sql login

    Hi everybody,
    I want to prevent the users from logging into sqlplus, the only way they can log into my database is through forms developer.
    So how can I do that?
    Database I am using is 7.3.2.
    I could not execute *CREATE OR REPLACE TRIGGER trigger_name
    AFTER LOGON ON DATABASE* on database 7.3.2.
    because AFTER or BEFORE LOGON ON DATABASE are not supported on database 7.3.2
    Is there another way to do what I want?
    could anyone give me a helping hand please?
    bye.

    [email protected] wrote:
    I want to prevent the users from logging into sqlplus, the only way they can log into my database is through forms developer.This is NOT security! It is a mere warm fuzzy that says "+oh my database security now seems better+" - it means nothing.
    It is trivial to circumvent any checks you put in place on the server side to prevent direct SQL access.
    Why?
    Because you need some means of identifying the client.
    How?
    By using the client identification details supplied in the connection string that the client itself passes to the Oracle Listener and server.
    Do you think it is a robust and logical approach to trust the unknown client to correctly tell you what it is, in order for you to decide whether or not to allow access? (e.g. I can write a Perl Proxy for Oracle, that looks to the server as a legal app, but in turn accepts and proxies connections from SQL*Plus, TOAD, MS-Access and anything else)
    Oracle (default) authentication works with scheme name and password. If the client supplies that, it means that the client is authenticated.. irrespective of who/what the client is.
    This means that you need to make sure that this schema is correctly secured, and that the client (irrespective of the client app used) can only do what that Oracle schema is allowed to do...
    Of course, running a 15 year old Oracle version is as non-nonsensical as implementing security based on trusting what the client says.

  • Oracle SQL Plus login fails

    Hi
    I have install Oracle 9i Enterprise Edition on Windows XP. Then I have created a database call "itcmdb". Then to login to SQL Plus in graphical mode I have enter
    User Name: sys as sysdba
    Password : password
    Host String : itcmdb
    Then I have got an error:
    SQL*Plus: Release 9.2.0.1.0 - Production on Fri Feb 17 16:46:17 2006
    Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
    SP2-0306: Invalid option.
    Usage: CONN[ECT] [logon] [AS {SYSDBA|SYSOPER}]
    where <logon> ::= <username>[<password>][@<connect_string>] | /
    so I try to log into SQL Plus by using command prompt. So i enter following command in the command prompt.
    D:\>SQLPLUS /NOLOG
    SQL*Plus: Release 9.2.0.1.0 - Production on Fri Feb 17 16:50:34 2006
    Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
    SQL> connect sys/password@itcmdb as sysdba
    Connected.
    SQL>
    the it was connected without any problem. Then i check "C:\oracle\ora92\network\admin\tnsnames.ora". So it was contain following information.
    ITCMDB =
    (DESCRIPTION =
    (ADDRESS_LIST =
    (ADDRESS = (PROTOCOL = TCP)(HOST = Rasika)(PORT = 1521))
    (CONNECT_DATA =
    (SERVER = DEDICATED)
    (SERVICE_NAME=itcmdb)
    Then i check "C:\oracle\ora92\network\admin\listener.ora". so it was contains following information.
    LISTENER =
    (DESCRIPTION_LIST =
    (DESCRIPTION =
    (ADDRESS_LIST =
    (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
    (ADDRESS_LIST =
    (ADDRESS = (PROTOCOL = TCP)(HOST = rasika)(PORT = 1521))
    SID_LIST_LISTENER =
    (SID_LIST =
    (SID_DESC =
    (SID_NAME = PLSExtProc)
    (ORACLE_HOME = C:\oracle\ora92)
    (PROGRAM = extproc)
    (SID_DESC =
    (GLOBAL_DBNAME = ITCMDB)
    (ORACLE_HOME = C:\oracle\ora92)
    (SID_NAME = ITCMDB)
    Cold u plz help me to fix this problem........

    Hi
    I have install Oracle 9i Enterprise Edition on
    Windows XP. Then I have created a database call
    "itcmdb". Then to login to SQL Plus in graphical mode
    I have enter
    User Name: sys as sysdba
    Password : password
    Host String : itcmdb
    Then I have got an error:
    SQL*Plus: Release 9.2.0.1.0 - Production on Fri Feb
    17 16:46:17 2006
    Copyright (c) 1982, 2002, Oracle Corporation. All
    rights reserved.
    SP2-0306: Invalid option.
    Usage: CONN[ECT] [logon] [AS {SYSDBA|SYSOPER}]
    where <logon> ::=
    <username>[<password>][@<connect_string>] | /
    so I try to log into SQL Plus by using command
    prompt. So i enter following command in the command
    prompt.
    D:\>SQLPLUS /NOLOG
    SQL*Plus: Release 9.2.0.1.0 - Production on Fri Feb
    17 16:50:34 2006
    Copyright (c) 1982, 2002, Oracle Corporation. All
    rights reserved.
    SQL> connect sys/password@itcmdb as sysdba
    Connected.
    SQL>
    the it was connected without any problem. Then i
    check "C:\oracle\ora92\network\admin\tnsnames.ora".
    So it was contain following information.
    ITCMDB =
    (DESCRIPTION =
    (ADDRESS_LIST =
    (ADDRESS = (PROTOCOL = TCP)(HOST = Rasika)(PORT
    )(PORT = 1521))
    (CONNECT_DATA =
    (SERVER = DEDICATED)
    (SERVICE_NAME=itcmdb)
    Then i check
    "C:\oracle\ora92\network\admin\listener.ora". so it
    was contains following information.
    LISTENER =
    (DESCRIPTION_LIST =
    (DESCRIPTION =
    (ADDRESS_LIST =
    (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
    (ADDRESS_LIST =
    (ADDRESS = (PROTOCOL = TCP)(HOST =
    )(HOST = rasika)(PORT = 1521))
    SID_LIST_LISTENER =
    (SID_LIST =
    (SID_DESC =
    (SID_NAME = PLSExtProc)
    (ORACLE_HOME = C:\oracle\ora92)
    (PROGRAM = extproc)
    (SID_DESC =
    (GLOBAL_DBNAME = ITCMDB)
    (ORACLE_HOME = C:\oracle\ora92)
    (SID_NAME = ITCMDB)
    Cold u plz help me to fix this problem........on the sqlplusw gui you can not pass sys as sysdba as this option is available in OEM or other FRONTEND tools, wherein they inherently implement connect command.
    Hope this helps !

  • W'azup with SQL Developer barfing on SQL*Plus "set" commands

    Check out this short script and the results it generates, as pasted below.
    I can't find anything in the SQL Dev documenation re: what SQL*Plus set commands it supports and which it considers "passe." I'm particularly puzzled by the "column ... format ..." command getting ignored.
    set heading off
    set pagesize 0
    set linesize 80
    set feedback off
    prompt ...start...
    column x format a5
    select 'abcdefghij' x from dual;
    prompt ...end...
    line 1: SQLPLUS Command Skipped: set heading off
    line 2: SQLPLUS Command Skipped: set pagesize 0
    line 3: SQLPLUS Command Skipped: set linesize 80
    ...start...
    X ----------
    abcdefghij 1 rows selected
    ...end...

    For supported SQL*Plus commands: SQL Developer Help > SQL Developer Concepts and Usage > Using the SQL Worksheet > SQL*Plus Statements Supported and Not Supported in SQL Worksheet.
    The "column ... format ...." command is not supported. A workaround is to use substr in your select statement.
    See also How to set a column size in sqldeveloper?

Maybe you are looking for

  • Lightroom 5 defaulted to my Trial version. Can you please advise on what I did wrong? I can provide the serial number for the purchased subscription.

    History - I had a 30 day trial version of Lightroom back in October. One small catalog of 1500 photos were contained in it. When I was prompted to upgrade, I incorrectly selected the option to "choose a different catalog" which prevented me from seei

  • 0 qty in stock, but still value

    Hi, our Inventory Audit report shows some items with a qty of 0 in stock, but nevertheless a positive cumulative value (up to $4.50) Since we use this report it is looks weird if the is a row with 0 in stock, but still a value. And if we remove lines

  • LOOP in LDB

    Hi, I am debugging a custom program, which is a copy of standarad one. This used logical database. In END-OF-SELECTION, I see a LOOP statement without internal table name. But the values are coming to the workarea T. I would like to know how the data

  • If USEREXIT/BADI doesnt exists ?

    Hi experts, I m searching for an exit/badi for txn code IW31 in ECC 6.0. But i coundnt found the exit or badi. In these cases how can we acheive the business requuirememnt? i heard BTE is only for FI module. But i am working on ECC, with order manage

  • Unable to sign-in to write a review.

    Hi, I want to write a review for an iPhone app. When I click on the "Write a Review" button, it asks me to sign-in to write a customer review. I enter my ID and password, click "Sign in". The box disappears and immediately returns, asking me to sign-