Which has the higher priority in your organization: Deploying a new database or securing the ones you already have?
Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.
Purpose
Real Application Security. Similar to DBMS_XS_SESSIONS with the exception that major procs contain parameters for providing attributes and their corresponding values
AUTHID
CURRENT_USER
Dependencies
DBMS_XSS_LIB
XS$LIST
XS$NAME_LIST
DBMS_XS_SESSIONS
Documented
No
Exceptions
Error Code
Reason
ORA-46063
Not attached to XS Security session
First Available
12.1
Security Model
Owned by SYS with no privileges granted. This package is visible in CDB$ROOT but not in a PDB.
Registers a PL/SQL procedure as the event handler with the session operation specified by the event_type parameter
dbms_xs_sessions_ffi.add_global_callback(
event_type IN PLS_INTEGER,
callback_schema IN VARCHAR2,
callback_package IN VARCHAR2,
callback_procedure IN VARCHAR2);
Assigns a named application user to the currently attached anonymous application session including attributes and attribute values
dbms_xs_sessions_ffi.assign_user(
username IN VARCHAR2,
is_external IN BOOLEAN,
enable_dynamic_roles IN xs$name_list,
disable_dynamic_roles IN xs$name_list,
external_roles IN xs$name_list,
authentication_time IN TIMESTAMP WITH TIME ZONE,
namespaces IN xs$name_list,
attributes IN xs$list
attribute_values IN xs$list);
Attach to an already created RAS session specified by the sessionid including attributes and attribute values
dbms_xs_sessions_ffi.dbms_xs_sessions.attach_session(
sessionid IN RAW,
enable_dynamic_roles IN xs$name_list,
disable_dynamic_roles IN xs$name_list,
external_roles IN xs$name_list,
authentication_time IN TIMESTAMP WITH TIME ZONE,
namespaces IN xs$name_list,
attributes IN xs$list
attribute_values IN xs$list);
Create a RAS session with specified 128 char case sensitive username string including attributes and attribute values
dbms_xs_sessions_ffi.create_session(
username IN VARCHAR2,
sessionid OUT NOCOPY RAW,
is_external IN BOOLEAN,
is_trusted IN BOOLEAN,
namespaces IN xs$name_list,
attributes IN xs$list
attribute_values IN xs$list
cookie IN VARCHAR2);
Deletes the global callback procedure for the session event specified by event_type
dbms_xs_sessions_ffi.delete_global_callback(
event_type IN PLS_INTEGER,
callback_schema IN VARCHAR2 DEFAULT NULL,
callback_package IN VARCHAR2 DEFAULT NULL,
callback_procedure IN VARCHAR2 DEFAULT NULL);
Enables or disables the global callback for the session event specified by event_type
dbms_xs_sessions_ffi.enable_global_callback(
event_type IN PLS_INTEGER,
enable IN BOOLEAN DEFAULT TRUE,
callback_schema IN VARCHAR2 DEFAULT NULL,
callback_package IN VARCHAR2 DEFAULT NULL,
callback_procedure IN VARCHAR2 DEFAULT NULL);
Sets the inactivity timeout (in minutes) for the session which is the maximum period of inactivity allowed before the session can be terminated and resource be reclaimed
dbms_xs_sessions_ffi.set_inactivity_timeout(
time IN NUMBER,
sessionid IN RAW);
Switch / proxy from current user to another user in currently assigned RAS session
dbms_xs_sessions.switch_user (
username IN VARCHAR2,
keep_state IN BOOLEAN,
namespaces IN xs$name_list,
attributes IN xs$list,
attribute_values IN xs$list);