ADD_AUTH_TO_REALM Function

This function authorizes a user or role to access a realm as a participant. The person running this function cannot add himself or herself to the realm as a realm owner.

Syntax

ADD_AUTH_TO_REALM(

realm_name VARCHAR2, grantee VARCHAR2);

Parameters

Table E–1 DVSYS.DBMS_MACADM Realm Configuration Functions

Function Description

ADD_AUTH_TO_REALM Function Authorizes a user or role to access a realm as a participant.

ADD_AUTH_TO_REALM Function Authorizes a user or role to access a realm as an owner or participant (no rule set).

ADD_AUTH_TO_REALM Function Authorizes a user or role to access a realm as a participant.

Optionally, you can specify a rule set for the authorization.

ADD_AUTH_TO_REALM Function Authorizes a user or role to access a realm as a participant or owner. Optionally, you can specify a rule set for the authorization.

ADD_OBJECT_TO_REALM Function Registers a set of objects for realm protection.

CREATE_REALM Function Creates a realm.

DELETE_AUTH_FROM_REALM Function Removes the authorization of a user or role to access a realm.

DELETE_OBJECT_FROM_REALM Function Removes a set of objects from realm protection.

DELETE_REALM Function Deletes a realm.

DELETE_REALM_CASCADE Function Deletes a realm, including its related Database Vault configuration information.

RENAME_REALM Function Renames a realm. The name change takes effect everywhere the realm is used.

SET_PRESERVE_CASE Function Used to allow mixed-case identifiers. This preserves the case and quotation marks of Oracle identifiers used in the packages and generally supported by Oracle.

UPDATE_REALM Function Updates a realm.

UPDATE_REALM_AUTH Function Updates the authorization of a user or role to access a realm.

Table E–2 ADD_AUTH_TO_REALM Parameters

Parameter Description realm_name Realm name.

To find the existing realms in the current database instance, use the DBA_

DV_REALMS view, described in "Oracle Database Vault Public Views" on page C-9.

DVSYS.DBMS_MACADM Package

This function authorizes a user or role to access a realm as an owner or a participant.

The person running this function cannot add himself or herself to the realm as a realm owner.

Syntax

ADD_AUTH_TO_REALM(

realm_name VARCHAR2, grantee VARCHAR2, auth_options NUMBER);

Parameters

ADD_AUTH_TO_REALM Function

This function authorizes a user or role to access a realm as a participant. The person running this function cannot add himself or herself to the realm as a realm owner.

Optionally, you can specify a rule set to check data before allowing the authorization to proceed.

grantee User or role name to authorize as a participant.

To find the existing users and roles in the current database instance, use the DBA_USERS and DBA_ROLES views, described in Oracle Database Reference.

To find the authorization of a particular user or role, use the DVA_DV_

REALM_AUTH view. To find existing secure application roles used in privilege management, run DBA_DV_ROLE. Both are described in "Oracle Database Vault Public Views" on page C-9.

Table E–3 ADD_AUTH_TO_REALM Parameters

Parameter Description realm_name Realm name.

To find the existing realms in the current database instance, use the DBA_

DV_REALMS view, described in "Oracle Database Vault Public Views" on page C-9.

grantee User or role name to authorize as owner or participant.

To find the existing users and roles in the current database instance, use the DBA_USERS and DBA_ROLES views, described in Oracle Database Reference.

To find the authorization of a particular user or role, use the DVA_DV_

REALM_AUTH view. To find existing secure application roles used in privilege management, run DBA_DV_ROLE. Both are described in "Oracle Database Vault Public Views" on page C-9.

auth_options Specify one of the following ways to authorize the realm:

■ 0: Participant.

■ 1: Owner

See "Defining Realm Authorization" on page 3-5 for more information on participants and owners.

Table E–2 (Cont.) ADD_AUTH_TO_REALM Parameters Parameter Description

DVSYS.DBMS_MACADM Package

Syntax

ADD_AUTH_TO_REALM(

realm_name VARCHAR2, grantee VARCHAR2, rule_set_name VARCHAR2);

Parameters

ADD_AUTH_TO_REALM Function

This function authorizes a user or role to access a realm as a participant or owner. The person running this function cannot add himself or herself to the realm as a realm owner. Optionally, you can specify a rule set to check data before authorizing.

Syntax

ADD_AUTH_TO_REALM(

realm_name VARCHAR2, grantee VARCHAR2, rule_set_name VARCHAR2, auth_options NUMBER);

Parameters

Table E–4 ADD_AUTH_TO_REALM Parameters

Parameter Description realm_name Realm name.

To find the existing realms in the current database instance, use the DBA_

DV_REALMS view, described in "Oracle Database Vault Public Views" on page C-9.

grantee User or role name to authorize as participant.

To find the existing users and roles in the current database instance, use the DBA_USERS and DBA_ROLES views, described in Oracle Database Reference.

To find the authorization of a particular user or role, use the DVA_DV_

REALM_AUTH view. To find existing secure application roles used in privilege management, run DBA_DV_ROLE. Both are described in "Oracle Database Vault Public Views" on page C-9.

rule_set_name Rule set to check before authorizing (optional). If the rule set evaluates to TRUE, then the authorization is allowed.

To find the available rule sets, use the DBA_DV_RULE_SET view. To find rules that are associated with the rule sets, run DBA_DB_RULE_SET_

RULE. Both are described in "Oracle Database Vault Public Views" on page C-9.

Table E–5 ADD_AUTH_TO_REALM Parameters

Parameter Description realm_name Realm name.

To find the existing realms in the current database instance, use the DBA_

DV_REALMS view, described in "Oracle Database Vault Public Views" on page C-9.

DVSYS.DBMS_MACADM Package

Nel documento Oracle® Database Vault Administrator’s Guide 10g (pagine 162-165)