Creating ACLs in Oracle 11g
In Oracle 10g, network access was pretty easy. Just fire up a UTL_HTTP request and voila, you’re data appears.
In 11h, everything is locked down, here is where Access Control Lists (ACLs) come into play.
To allow a user to access external resources, i.e. web content, you must create an ACL, assign users or roles to it and add websites and port numbers.
Look at the following example for one of my other sites.
begin
dbms_network_acl_admin.create_acl (
acl => 'utl_http1.xml',
description => 'HTTP Access',
principal => 'RIVPACS',
is_grant => TRUE,
privilege => 'connect',
start_date => null,
end_date => null
);
dbms_network_acl_admin.add_privilege (
acl => 'utl_http1.xml',
principal => 'RIVPACS',
is_grant => TRUE,
privilege => 'resolve',
start_date => null,
end_date => null
);
dbms_network_acl_admin.assign_acl (
acl => 'utl_http1.xml',
host => 'www.rict.org.uk',
lower_port => 80,
upper_port => 80
);
commit;
end;
As you can see, i’m granting the rivpacs user access to rict.org.uk which is a site my software accesses to get user preferences from.
Pretty easy when you know how.
Blucel is a software consultancy specialising in Oracle and the Internet. We are currently accepting commisions