How to implement Oracle Label Security with Oracle8.1.5 database

Similar Messages

• How to install Oracle Label Security in Oracle Database 10g EE

  Hello All
  I just want to know how to install Oracle Label Security in Oracle 10g Database EE.
  I read in Oracle Enterprise Manager Grid Control Installation and Basic Configuration that Label Security must be installed before installing Enterprise Manager Grid Control.
  I have Oracle Database 10g Release 1 (10.1.0.1) on my Windows XP System, and I patch it to 10.1.0.3.
  M.
  Sorry about my English.

  Options is to connect to Oracle Policy Manager or use Oracle Internet Directory (OID)to administer Oracle Label Security.
  Find more ways in the Documentation here:
  http://download-uk.oracle.com/docs/cd/B19306_01/network.102/b14267/toc.htm

• How to install "Oracle Label Security" on "Oracle Developers Day" VM?

  Hello,
  I downloaded and started the "Oracle Developers Day" pre-built virtual machine using VirtualBox.
  I need to install Oracle Label Security in order to make some tests with it. So:
  1) Do we have the installation folder of Oracle Enterprise Edition somewhere on the VM?
  2) If not, how can I install OLS? Do I have to use shared folder to mount the installation media? How can I mount the installation folder, which I downloaded and stored on the host machine? Could you, please, provide step-by-step example?
  Thank you in advance.
  Beroetz

  Options is to connect to Oracle Policy Manager or use Oracle Internet Directory (OID)to administer Oracle Label Security.
  Find more ways in the Documentation here:
  http://download-uk.oracle.com/docs/cd/B19306_01/network.102/b14267/toc.htm

• How to install Oracle developer/2000 with Oracle8i

  hi, my dear firends
  please show me how to install the Oracle Developer/2000 with Oracle8i. or where i can find the install guide for that.
  thank you
  yours
  frank

  Hi you !
  You can do steps:
  1. Install Oracle developer/2000 into Oracle Home: Default - the first.
  2. Install Oracle8i/9i into another Oracle Home - the seconde
  Good luck for you !
  [email protected]
  hi, my dear firends
  please show me how to install the Oracle Developer/2000 with Oracle8i. or where i can find the install guide for that.
  thank you
  yours
  frank

• Trying to use Oracle Label Security with a XMLType

  Hi everybody.
  I'm trying to apply some of the Oracle Label Security functionalities to a table created from the annotations of a XML Schema
  (Below I show part of this XML Schema:
  <?xml version="1.0" encoding="UTF-8"?>
  <xs:schema xmlns:xdb="http://xmlns.oracle.com/xdb"
  xmlns:xs="http://www.w3.org/2001/XMLSchema"
  elementFormDefault="qualified"
  attributeFormDefault="unqualified">
  <xs:element name="FILE_INFO" xdb:SQLType="FILE_INFO" xdb:defaultTable="TABLE_FILE_INFO">
  <xs:complexType>
  <xs:choice>
  <xs:element name="FILE_INFO_DICOM"
  type="FILE_INFO_DICOM_TYPE" />
  <xs:element name="FILE_INFO_ANALYZE"
  type="FILE_INFO_ANALYZE_TYPE" />
  </xs:choice>
  </xs:complexType>
  </xs:element>
  <xs:complexType name="FILE_INFO_DICOM_TYPE" xdb:SQLType="FILE_INFO_DICOM_TYPE">
  <xs:sequence>
  <xs:element name="ELEMENT_INFO_DICOM"
  type="ELEMENT_INFO_DICOM_TYPE"
  minOccurs="0"
  maxOccurs="unbounded"
  xdb:defaultTable="TABLE_ELEMENT_INFO_DICOM"
  xdb:SQLInline ="false"/>
  </xs:sequence>
  </xs:complexType>
  <xs:complexType name="ELEMENT_INFO_DICOM_TYPE" xdb:SQLType="ELEMENT_INFO_DICOM_TYPE">
  <xs:all>
  <xs:element name="Description" type="xs:string" minOccurs="0" maxOccurs="1" />
  <xs:element name="GroupTag" type="xs:string" minOccurs="0" maxOccurs="1" />
  <xs:element name="ElementTag" type="xs:string" minOccurs="0" maxOccurs="1" />
  <xs:element name="VR" type="xs:string" minOccurs="0" maxOccurs="1"/>
  <xs:element name="Value" type="xs:string" minOccurs="0" maxOccurs="1"/>
  </xs:all>
  </xs:complexType>
  ................etc
  I've created a security policy that I have tested on relational tables (not based on any object type) and works correctly.
  BEGIN
  SA_POLICY_ADMIN.APPLY_TABLE_POLICY(policy_name => 'policy1',
  schema_name => 'oe',
  table_name => 'TABLE_FILE_INFO',
  table_options => 'LABEL_DEFAULT, READ_CONTROL, WRITE_CONTROL',
  label_function => NULL,
  predicate => NULL);
  END;
  When I try to apply this policy to the XMLSchema-created table (TABLE_FILE_INFO) I get next error messages:
  ORA-22856: cannot add columns to object tables
  ORA-00604 error occurred at recursive SQL level 1
  ORA-12445: cannot change HIDDEN property of column.
  ORA-06512: in "LBACSYS.LBAC_POLICY_ADMIN", line 257
  ORA-06512: in line 2
  I suppose that the main problem is that the apply_plicy procedure is trying to add an extra column to a table created from a defined type.
  So my questions are: It's that true? Is it possible to apply a policy to the content of XML documents, I mean, if I want to restrict that some users see some subset of a XML document based on a specific policy, is there anything similar to Oracle Label security for XML? (as defined with the annotations in the XML Schema, some elements will be mapped to rows of a XMLType-based table when a XML document is inserted into the XMLDB repository (marked to follow the previous XML Schema of course)
  Hope someone can help to solve my doubts...
  Thanks,
  Marcos.

  Have you ever answered this question? If not, have you tried to use the "HIDE" property on your table_options?

• How to install Oracle form 6i with Oracle8.1.7 on the same driver?

  My machine is P4 with W2K.
  How to install Oracle form6i with Oracle8.1.7 on this machine?
  Could some one give me the details?
  Thanks a lot!!

  Hi Shay,
  Thanks for help. I got it.
  The problem I met is I should not export/import Oralce folder in registry.
  If do that, Oracle only configure one home to either oracle817 or form6i.
  Thanks again

• OID-Integrated Label Security with HTMLDB?

  Hi,
  I've followed the how-to document to integrate Oracle Label Security with Oracle Internet Directory.(http://www.oracle.com/technology/deploy/security/database-security/howtos/ols_oid-how-to.html).
  I've successfully created a label security policy for the HR.LOCATIONS table. I would like that same policy to be effective on any query regions in an HTMLDB application.
  I created a test application in HTMLDB, and changed the authentication scheme to be LDAP. It uses Oracle Internet Directory to authenticate the users, and this works successfully.
  However, when I login with an OID user that has been assigned to use the policy, I get no rows returned.
  What is a good way to integrate my label security policy with my htmldb applicaton so that it works within HTMLDB and outside of HTMLDB?
  I saw the technote to use VPD, but when I tried this, it caused my label security policy to stop working. I somehow made it conflict...(http://www.oracle.com/technology/pub/notes/technote_htmldb_vpd.html)
  I guess I'm just not sure what the VPD function should look like after I've already created a Label Security Policy.
  I basically want it to look at the APP_USER and then apply the policy appropriately.
  Thanks,
  Nora

  Scott,
  It still worked in SQLPLUS when I typed 'set role none' first.
  The way I granted PROFILE_ACCESS was through a label security command:
  SQL> exec sa_user_admin.set_user_privs('senspolicy','parse_schema','FULL,PROFILE_ACCESS');
  It seems like this is the only way..
  It just seems strange that it works in SQLPLUS. I'm trying to figure out what other permissions I need for HTMLDB.
  Thanks again,
  Nora
  SQL*Plus: Release 10.2.0.1.0 - Production on Wed May 16 16:38:20 2007
  Copyright (c) 1982, 2005, Oracle. All rights reserved.
  Enter user-name: parse_schema/<password>@testls
  Connected to:
  Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Production
  With the Partitioning, Oracle Label Security, OLAP and Data Mining options
  SQL> set role none;
  Role set.
  SQL> select count(*) from hr.locations;
  COUNT(*)
  23
  SQL> exec sa_session.set_access_profile('senspolicy','PUB');
  PL/SQL procedure successfully completed.
  SQL> select count(*) from hr.locations;
  COUNT(*)
  17
  SQL>

• Enabling Oracle Label Security on 9.2.0.7 database

  Hi there,
  I have installed the option Oracle Label Security and patched it to 9.2.0.7. I have then run the script $ORAHOME\rdbms\admin\catols.sql . Which re-starts the database.
  But when I run the below example I get the below error.
  SQL> CONNECT lbacsys/lbacsys
  Connected.
  SQL> EXECUTE SA_SYSDBA.CREATE_POLICY( -
  'FACILITY','FACLAB','READ_CONTROL,CHECK_CONTROL,LABEL_DEFAULT,HIDE');
  BEGIN SA_SYSDBA.CREATE_POLICY( 'FACILITY','FACLAB','READ_CONTROL,CHECK_CONTROL,LABEL_DEFAULT,HIDE'); END;
  ERROR at line 1:
  ORA-00439: feature not enabled: Oracle Label Security
  ORA-06512: at "LBACSYS.LBAC_SYSDBA", line 107
  ORA-06512: at "LBACSYS.SA_SYSDBA", line 43
  ORA-06512: at line 1
  I have also noticed that in the v$option view shows the
  PARAMETER VALUE
  Oracle Label Security FALSE
  I have compared the number of objects to metalink article 171155.1 How to Install / Deinstall Oracle Label Security and all the objects seem to be in the schema.
  Also I check the version and saw below.
  SQL> conn dba/
  Connected.
  SQL> COL comp_name FORMAT A32
  SQL> COL version FORMAT A16
  SQL> SELECT
  2 comp_id
  3 ,comp_name
  4 ,version
  5 FROM dba_registry
  6 where comp_id='OLS';
  COMP_ID COMP_NAME VERSION
  OLS Oracle Label Security 9.2.0.7.0
  1 rows selected.
  SQL>
  Anyone know how I can enable Oracle Label Security is that it works?
  TIA
  Ed

  I still have some old 9.2.0.8 databases running on both HP-UX and AIX and have clients on 10.2g which doesn't manifest any problem .

• Advance Replication and Oracle Label Security

  Has anyone been able to configure both Advance Replication and Oracle Label Security to work together?

  This is currently not supported in Streams. I have an enhancement request in with Oracle for this functionality. This won't be seen in 11g R2 either.
  Has anyone done Label Security with Advance Replication?

• How to implement data level security

  How to implement data level security in BI Publihser?. I am using Obiee enterprise edition and bi publihser. My requirement is to show data based on User- Region relation ship.
  User A - belongs to Eastern Region
  User B - belongs to Southern Region
  so if user A logged in he should see only Eastern Region report. If user B logged in He should see only Southern region. I am using direct sql to my oralce database as data source.
  i appriciate your help

  I am using a common database username and password for jdbc connection. what i am looking is based the BI Publihser login, is there any way?
  say i have userregion table joined with fact. so that i can write a query to get the data
  select c1,c2,c3
  from userregion, fact
  where fact.region=userregion.region
  and userregion.user = BIPUBLIHSERUSER
  but my question is ithere any variable to tell who is logged in BI Publisher? Any server varaibles?
  Other related question is, In every report i want to show User name who is running the report. How can i get this?

• How to implement OracleAS Portal Clustering ?

  Dear all,
  Can anybody pls point me to the docs about how to implement OracleAS Portal Cluster (version 10.1.4) ?
  Also, about deploying Portal from development server to production server (using Export Import) , do we have to deploy it to all nodes , or can we just deploy it once to the cluster ?
  Thank you,
  xtanto

  Hello Xtanto,
  The Oracle documentation provides instructions for setting up Oracle Portal in a 'cluster'. For 10.1.2.0.2 and 10.1.4 :
  [5.3|http://download.oracle.com/docs/cd/B14099_19/portal.1014/b19305/cg_advnc.htm#i1046354] Configuring Multiple Middle Tiers with a Load Balancing Router
  Oracle® Application Server Portal Configuration Guide
  10g Release 2 (10.1.4)
  B19305-03
  Alternatively you can also check the enterprise deployment guide :
  [7|http://download.oracle.com/docs/cd/B14099_19/core.1012/b13998/portal.htm#CACHEECD] Installing and Configuring the myPortalCompany Application Infrastructure
  Oracle® Application Server Enterprise Deployment Guide
  10g Release 2 (10.1.2)
  B13998-07
  For deployment from development to production, transport sets can be used :
  [10|http://download.oracle.com/docs/cd/B14099_19/portal.1014/b19305/cg_imex.htm#i1030999] Exporting and Importing Content
  Oracle® Application Server Portal Configuration Guide
  10g Release 2 (10.1.4)
  B19305-03
  Thanks,
  EJ

• How to implement list of values with bind parameters

  Hi All,
  Please give me details about how to implement list of values with bind parameters.
  I have implemented with below things.
  1) created lov view object with query like select meaning, lookup_code from fnd_lookup_values where lookup_type=:1;
  2) The above vo added to applicationa module.
  3) created Controller class in the co class written code in processRequest();
  String vLookupType=pageContext.getParameter("LookupType");
  Serializable params={vLookupType};
  am.invokemethod("Initialize",params);
  4) In AM Impl Class invoke the VO
  5) In VO Impl class executed the query..
  But the above process working fine but when i give the value in lov text field like 'C' then press tab button the result will not showing instead of that i am getting error message, i want to implement standard lov functionality while implementing query with bind parameter.
  any thing reqired to add the code to controller for search criteria..
  Thanks
  Mateti

  Hi
  i am getting error as
  oracle.apps.fnd.framework.OAException: oracle.jbo.SQLStmtException: JBO-27122: SQL error during statement preparation. Statement: SELECT * FROM (SELECT meaning, lookup_code,lookup_type
  FROM fnd_lookup_values
  WHERE view_application_id = 200) QRSLT WHERE (lookup_type=:1 AND ( UPPER(MEANING) like :2 AND (MEANING like :3 OR MEANING like :4 OR MEANING like :5 OR MEANING like :6)))
  Thanks
  Mateti

• Using non-alphabetical symbols in Oracle Label Security API

  I decide to use Oracle Label Security Release 9.0.1 , but I have some problems in realization . When I try to use function sa_policy_admin.apply_table_policy with
  following parameters:
  sa_policy_admin.apply_table_policy(
  POLICY_NAME => 'policy1',
  SCHEMA_NAME => 'domain1\user1',
  TABLE_NAME => 'table1'
  I receive messages :
  ORA-00604: error occurred at recursive SQL level 1
  ORA-00911: invalid character
  ORA-00911: invalid character
  ORA-06512: at "LBACSYS.LBAC_POLICY_ADMIN", line 251
  ORA-06512: at line 2
  Tell me please , may be there are any limitations on parameter SCHEMA_NAME in function ,
  because this function can't understand symbol "\".
  Note 1: It is obligatory to use symbol "\" in schema_name ,
  because I have to connect to DB as external user (user of Windows 2000 Server).
  Note 2: ORA-00911 invalid character
  Cause: Special characters are valid only in certain places. If special characters other than $, _, and # are used in a name and the name is not enclosed in double quotation marks ("), this message will be issued. One exception to this rule is for database names; in this case, double quotes are stripped out and ignored.
  Action: Remove the invalid character from the statement or encl[i]Long postings are being truncated to ~1 kB at this time.

  Yes I have with 10gr3
  It can be made to work but perhaps not in the way you want (per user?). Your label security will need to have policies based on something.
  I did a proof of concept using Security Group column as the 'label'. Then applied VPD policies based on which network the request came from (1 DB rac node in each network).
  In my case I wanted to show ALL content to a secure network but a subset of content to the lower security network. For this use case it is ideal.
  It worked flawlessly...not supported though
  Apparently OLS is on roadmap or UCM (WCC) so ask Oracle and see if you can find out if it is slated for any particular release yet.
  Tim

• Problem using Implementing Remote Panel Security with a Login Example Guide

  I'm having issues implementing a Remote Panel protected by username and password using this NI guide:
  Implementing Remote Panel Security with a Login Example
  Remotepanellogin.zip
  After login process using Login.vi, if the user has the right password, his IP will be included in the Webserver allowed access list and the user can open the web site which hosts the Main.vi. Ok.
  But if the user doesn't have the password, his IP will be denied!
  Here is the problem: Will his IP be denied at all including Login.vi? 
  I can't block access to Login.vi because even if the user entered a wrong password, he can still try login again....
  How can I configure a type of Allowed and Denied table using Webserver properties? For example:
  IP: 10.0.0.2 - Login.vi (allowed) - Main.vi (allowed) -> User entered a right password
  IP: 10.0.0.3 - Login.vi (allowed) - Main.vi (denied) -> User entered a wrong password
  Note: Login.vi must be visible and accessible always.
  These are the Implementing Remote Panel Security with a Login Example instructions:
  After you configure the VIs with the Web Publishing Tool, browse to the Remote Panel Login VI and run it. When this VI runs, LabVIEW gives remote panel access to all users, but they can view and control only this VI.
  If a user successfully logs in by supplying the Username of NI and password of labview (both are case sensitive) then LabVIEW gives remote panel access to the IP address specified in the Remote Panel Login VI only. That user can then browse to and run the Main VI.
  Thanks in advance!
  APrado
  Message Edited by APrado on 04-01-2009 08:21 AM

  I'm thinking about using the option Reentrant Execution (VI property > Category > Execution).
  Could anyone help me?
  Thanks.

• How to implement oracle in mobile

  Hi,
  I want to know how to implement oracle in mobile?
  just we want to save small database in to the mobile ,if it is possible to install oracle in mobile.
  Edited by: user12492625 on Jan 22, 2010 3:09 AM

  Could you give us more details ? Is it Peoplesoft related ?
  Nicolas.