Oracle XS_PRINCIPAL_INT
Version 21c

General Information
Library Note Morgan's Library Page Header
Which has the higher priority in your organization: Deploying a new database or securing the ones you already have? Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.
Purpose Real Application Security Principal Utilities
AUTHID DEFINER
Dependencies
DBMS_RXS_LIB XS$NAME_LIST XS$ROLE_GRANT_TYPE
DUAL XS$OBJ XS$VERIFIERS
PLITBLM XS$PRIN XS_ADMIN_INT
USER$ XS$PROXY_ROLE XS_ADMIN_UTIL
USER_HISTORY$ XS$ROLESET_ROLES XS_MTCACHE_INT
XS$ACE XS$ROLE_GRANT XS_PRINCIPAL
XS$ACE_PRIV XS$ROLE_GRANT_LIST  
Documented No
Exceptions
Error Code Reason
   
   
   
First Available 12.1
Security Model Owned by SYS with no privileges granted
Source {ORACLE_HOME}/rdbms/admin/prvtprin.plb
Subprograms
 
ADD_PROXY_TO_DBUSER
Undocumented xs_principal_int.add_proxy_to_dbuser(
database_user IN VARCHAR2,
proxy_user    IN VARCHAR2,
is_external   IN BOOLEAN);
TBD
 
ADD_PROXY_TO_SCHEMA_INTERNAL
Undocumented xs_principal_int.add_proxy_to_schema_internal(
database_user IN VARCHAR2,
proxy_user    IN VARCHAR2,
is_external   IN BOOLEAN);
TBD
 
ADD_PROXY_USER
Undocumented

Overload 1
xs_principal_int.add_proxy_user(
target_user  IN VARCHAR2,
proxy_user   IN VARCHAR2,
target_roles IN sys.xs$name_list);
TBD
Overload 2 xs_principal_int.add_proxy_user(
target_user IN VARCHAR2,
proxy_user  IN VARCHAR2);
TBD
 
CREATE_DYNAMIC_ROLE
Undocumented xs_principal_int.create_dynamic_role(
name        IN VARCHAR2,
duration    IN BINARY_INTEGER,
scope       IN BINARY_INTEGER,
description IN VARCHAR2,
acl         IN VARCHAR2);
exec xs_principal_int.create_dynamic_role('DYNTEST', 10, 1, 'Test Dyn Role', NULL);

PL/SQL procedure successfully completed.

col description format a110
col duration format a8
col name format a20
col scope format a7

SELECT name, duration, system_defined, scope, description
FROM dba_xs_dynamic_roles
ORDER BY 1;

NAME                 DURATION SYS SCOPE DESCRIPTION
-------------------- ---------- --- ------- ---------------------------------------------
DBMS_AUTH                       YES SESSION A dynamic role granted to an application user
                                            authenticated via direct login to the
                                            database
DBMS_PASSWD                     YES SESSION A dynamic role granted to an application user
                                            authenticated via direct login to the
                                            database using password
DYNTEST                      10 NO  REQUEST Test Dyn Role
EXTERNAL_DBMS_AUTH              YES SESSION A dynamic role enabled in directly logged in
                                            external user session
MIDTIER_AUTH                    YES SESSION A dynamic role granted to an application user
                                            authenticated via middle tier
XSAUTHENTICATED                 YES SESSION A dynamic role granted to every authenticated
                                            application user
XSSWITCH                        YES SESSION An application dynamic role used to indicate
                                            that a proxy user was switched to a client
                                            user
 
CREATE_ROLE
Undocumented xs_principal_int.create_role(
name            IN VARCHAR2,
enabled         IN BOOLEAN,
start_date      IN TIMESTAMP WITH TIME ZONE,
end_date        IN TIMESTAMP WITH TIME ZONE,
guid            IN RAW,
external_source IN VARCHAR2,
description     IN VARCHAR2);
exec xs_principal_int.create_role('TEST', TRUE, SYSDATE, SYSDATE+7, SYS_GUID(), NULL, 'Test Role');

PL/SQL procedure successfully completed.

set linesize 201
col description format a90
col end_date format a20
col external_source format a16
col start_date format a20

SELECT name, default_enabled, TRUNC(start_date), TRUNC(end_date)
FROM dba_xs_roles
ORDER BY 1;

NAME             DEF TRUNC(START_DATE)    TRUNC(END_DATE)
---------------- --- -------------------- --------------------
TEST             YES 21-NOV-2021 00:00:00 28-NOV-2021 00:00:00
XSBYPASS         NO
XSCACHEADMIN     YES
XSCONNECT        YES
XSDISPATCHER     YES
XSNAMESPACEADMIN YES
XSPROVISIONER    YES
XSPUBLIC         YES
XSSESSIONADMIN   YES


SELECT name, description
FROM dba_xs_roles
ORDER BY 1;

NAME             DESCRIPTION
---------------- ---------------------------------------------------------------------
TEST             Test Role
XSBYPASS         An application role used to bypass the restrictions imposed by system
                 constraining ACL
XSCACHEADMIN     An application role used for midtier cache administration
XSCONNECT        An application role used to grant create session privilege to RAS
                 direct logon user
XSDISPATCHER     An application role used for dispatcher
XSNAMESPACEADMIN An application role used for namespace attribute administration
XSPROVISIONER    An application role used to grant provision and callback privileges
XSPUBLIC         An application role enabled in every application user session
XSSESSIONADMIN   An application role used for session administration
 
CREATE_USER
Undocumented xs_principal_int.create_user(
name            IN VARCHAR2,
schema          IN VARCHAR2,
status          IN BINARY_INTEGER,
start_date      IN TIMESTAMP WITH TIME ZONE,
end_date        IN TIMESTAMP WITH TIME ZONE,
guid            IN RAW,
external_source IN VARCHAR2,
description     IN VARCHAR2,
acl             IN VARCHAR2);
TBD
 
DELETE_PRINCIPAL
Undocumented xs_principal_int.delete_principal(
principal     IN VARCHAR2,
delete_option IN BINARY_INTEGER);
TBD
 
ENABLE_BY_DEFAULT
Undocumented xs_principal_int.enable_by_default(
role    IN VARCHAR2,
enabled IN BOOLEAN);
TBD
 
ENABLE_ROLES_BY_DEFAULT
Undocumented xs_principal_int.enable_roles_by_default(
user    IN VARCHAR2,
enabled IN BOOLEAN);
TBD
 
GET_PRIN_TYPE
Undocumented xs_principal_int.get_prin_type(
prin_name IN  VARCHAR2,
prin_id   OUT NUMBER)
RETURN BINARY_INTEGER,;
DECLARE
 outVal NUMBER;
 retVal BINARY_INTEGER;
BEGIN
  retVal := xs_principal_int.get_prin_type('XSPUBLIC', outVal);
  dbms_output.put_line(outVal);
  dbms_output.put_line(retVal);
END;
/
2147484637
1

PL/SQL procedure successfully completed.
 
GET_VERIFIER_TYPE
Undocumented xs_principal_int.get_verifier_type(prin_id IN NUMBER) RETURN BINARY_INTEGER,;
TBD
 
GRANT_ROLES
Undocumented

Overload 1
xs_principal_int.grant_roles(
grantee    IN VARCHAR2,
role       IN VARCHAR2,
start_date IN TIMESTAMP WITH TIME ZONE,
end_date   IN TIMESTAMP WITH TIME ZONE);
TBD
Overload 2 xs_principal_int.grant_roles(
grantee   IN VARCHAR2,
role_list IN sys.xs$role_grant_list);
TBD
 
REMOVE_PROXY_FROM_DBUSER
Undocumented

Overload 1
xs_principal_int.remove_proxy_from_dbuser(
database_user IN VARCHAR2,
proxy_user    IN VARCHAR2);
TBD
Overload 2 xs_principal_int.remove_proxy_from_dbuser(database_user IN VARCHAR2);
TBD
 
REMOVE_PROXY_USERS
Undocumented

Overload 1
xs_principal_int.remove_proxy_users(target_user IN VARCHAR2);
TBD
Overload 2 xs_principal_int.remove_proxy_users(
target_user IN VARCHAR2,
proxy_user  IN VARCHAR2);
TBD
 
REVOKE_ROLES
Undocumented

Overload 1
xs_principal_int.revoke_roles(grantee IN VARCHAR2);
TBD
Overload 2 xs_principal_int.revoke_roles(
grantee IN VARCHAR2,
role    IN VARCHAR2);
TBD
Overload 3 xs_principal_int.revoke_roles(
grantee   IN VARCHAR2,
role_list IN sys.xs$name_list);
TBD
 
RM_PROXY_FROM_SCHEMA_INTERNAL
Undocumented xs_principal_int.rm_proxy_from_schema_internal(
database_user IN VARCHAR2,
proxy_user    IN VARCHAR2);
TBD
 
SET_ACL
Undocumented xs_principal_int.set_acl(
principal IN VARCHAR2,
acl       IN VARCHAR2,
prin_id   IN NUMBER);
TBD
 
SET_DESCRIPTION
Undocumented xs_principal_int.set_description(
principal   IN VARCHAR2,
description IN VARCHAR2,
prin_id     IN NUMBER);
TBD
 
SET_DYNAMIC_ROLE_DURATION
Undocumented xs_principal_int.set_dynamic_role_duration(
role     IN VARCHAR2,
duration IN BINARY_INTEGER);
TBD
 
SET_DYNAMIC_ROLE_SCOPE
Undocumented xs_principal_int.set_dynamic_role_scope(
role  IN VARCHAR2,
scope IN BINARY_INTEGER);
TBD
 
SET_EFFECTIVE_DATES
Undocumented xs_principal_int.set_effective_dates(
principal  IN VARCHAR2,
start_date IN TIMESTAMP WITH TIME ZONE,
end_date   IN TIMESTAMP WITH TIME ZONE,
prin_id    IN NUMBER);
TBD
SET_GUID
Undocumented xs_principal_int.set_guid(
principal IN VARCHAR2,
guid      IN RAW,
prin_id   IN NUMBER);
TBD
 
SET_PASSWORD_INTERNAL
Undocumented xs_principal_int.set_password_internal(
username    IN  VARCHAR2,
old_pwd     IN  VARCHAR2,
new_pwd     IN  VARCHAR2,
self_change IN  BOOLEAN,
type        IN  BINARY_INTEGER,
verifier    OUT VARCHAR2);
TBD
 
SET_PROFILE_INTERNAL
Undocumented xs_principal_int.set_profile_internal(
userid   IN NUMBER,
profname IN VARCHAR2);
TBD
 
SET_USER_SCHEMA
Undocumented xs_principal_int.set_user_schema(
user   IN VARCHAR2,
schema IN VARCHAR2);
TBD
 
SET_USER_STATUS
Undocumented xs_principal_int.set_user_status(
userid IN NUMBER,
status IN BINARY_INTEGER);
SELECT prin#, status
FROM xs$prin
WHERE prin# = 2147484638;

     PRIN#  STATUS
---------- -------
2147484638       1

exec xs_principal_int.set_user_status(2147484638, 0);

PL/SQL procedure successfully completed.

/

     PRIN#  STATUS
---------- -------
2147484638       0

exec xs_principal_int.set_user_status(2147484638, 1);

     PRIN#  STATUS
---------- -------
2147484638       1
 
SET_USER_STATUS_INTERNAL
Undocumented xs_principal_int.set_user_status_internal(
userid IN NUMBER,
status IN BINARY_INTEGER);
TBD
 
SET_VERIFIER_HELPER
Undocumented xs_principal_int.set_verifier_helper(
user     IN VARCHAR2,
verifier IN VARCHAR2,
type     IN BINARY_INTEGER,
caller   IN BINARY_INTEGER);
TBD
 
SET_VERIFIER_INTERNAL
Undocumented xs_principal_int.set_verifier_internal(
username IN VARCHAR2,
verifier IN VARCHAR2,
type     IN BINARY_INTEGER,
caller   IN BINARY_INTEGER);
TBD

Related Topics
Built-in Functions
Built-in Packages
Database Security
XS_PRINCIPAL
What's New In 19c
What's New In 20c-21c

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2021 Daniel A. Morgan All Rights Reserved
  DBSecWorx