官方文档内容:
Note:
This procedure is deprecated in Oracle Database 12c. While the procedure remains available in the package for reasons of backward compatibility, Oracle recommends using the APPEND_HOST_ACE Procedure and the APPEND_WALLET_ACE Procedure.
创建一个ACL并且授予默认的权限. An ACL must have at least one privilege setting. The ACL has no access control effect unless it is assigned to the network target.
Syntax
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL (
acl IN VARCHAR2,
description IN VARCHAR2,
principal IN VARCHAR2,
is_grant IN BOOLEAN,
privilege IN VARCHAR2,
start_date IN TIMESTAMP WITH TIMEZONE DEFAULT NULL,
end_date IN TIMESTAMP WITH TIMEZONE DEFAULT NULL );
Parameters
Usage Notes
To drop the access control list, use the DROP_ACL Procedure.
Examples
BEGIN
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL(
acl => 'us-example-com-permissions.xml',
description => 'Network permissions for *.us.example.com',
principal => 'SCOTT',
is_grant => TRUE,
privilege => 'connect');
END;
Note:
This procedure is deprecated in Oracle Database 12c. While the procedure remains available in the package for reasons of backward compatibility, Oracle recommends using the APPEND_HOST_ACE Procedure and the APPEND_WALLET_ACE Procedure.
增加一个允许或拒绝用户网络访问的权限This procedure adds a privilege to grant or deny the network access to the user. The access control entry (ACE) is created if it does not exist.
Syntax
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE ( acl IN VARCHAR2, principal IN VARCHAR2, is_grant IN BOOLEAN, privilege IN VARCHAR2, position IN PLS_INTEGER DEFAULT NULL, start_date IN TIMESTAMP WITH TIMESTAMP DEFAULT NULL, end_date IN TIMESTAMP WITH TIMESTAMP DEFAULT NULL );Parameters
Examples
BEGIN DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE( acl => 'us-example-com-permissions.xml', principal => 'ST_USERS', is_grant => TRUE, privilege => 'connect') END;
Note:
This procedure is deprecated in Oracle Database 12c. While the procedure remains available in the package for reasons of backward compatibility, Oracle recommends using the APPEND_HOST_ACE Procedure and the APPEND_WALLET_ACE Procedure.
指派ACL到目标主机的权限
This procedure assigns an access control list (ACL) to a host computer, domain, or IP subnet, and if specified, the TCP port range.
Syntax
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL ( acl IN VARCHAR2, host IN VARCHAR2, lower_port IN PLS_INTEGER DEFAULT NULL, upper_port IN PLS_INTEGER DEFAULT NULL);Parameters
Examples
BEGIN DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL( acl => 'us-example-com-permissions.xml', host => '*.us.example.com', lower_port => 80); END;
This procedure appends an access control entry (ACE) to the access control list (ACL) of a network host. The ACL controls access to the given host from the database and the ACE specifies the privileges granted to or denied from the specified principal.
Syntax
DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE ( host IN VARCHAR2, lower_port IN PLS_INTEGER DEFAULT NULL, upper_port IN PLS_INTEGER DEFAULT NULL, ace IN XS$ACE_TYPE);Parameters
Table 101-5 APPEND_HOST_ACE Function Parameters
12c之前有效
Note:
This procedure is deprecated in Oracle Database 12c. While the procedure remains available in the package for reasons of backward compatibility, Oracle recommends using the REMOVE_HOST_ACE Procedure and the REMOVE_WALLET_ACE Procedure.
从ACL删除权限
This procedure deletes a privilege in an access control list.
Syntax
DBMS_NETWORK_ACL_ADMIN.DELETE_PRIVILEGE ( acl IN VARCHAR2, principal IN VARCHAR2, is_grant IN BOOLEAN DEFAULT NULL, privilege IN VARCHAR2 DEFAULT NULL);Parameters
Examples
BEGIN DBMS_NETWORK_ACL_ADMIN.DELETE_PRIVILEGE( acl => 'us-example-com-permissions.xml', principal => 'ST_USERS') END;
Note:
This procedure is deprecated in Oracle Database 12c. The procedure remains available in the package only for reasons of backward compatibility.
删除一个ACL
This procedure drops an access control list (ACL).
Syntax
DBMS_NETWORK_ACL_ADMIN.DROP_ACL ( acl IN VARCHAR2);Parameters
Table 101-15 DROP_ACL Procedure Parameters
Examples
BEGIN DBMS_NETWORK_ACL_ADMIN.DROP_ACL( acl => 'us-example-com-permissions.xml'); END;
This procedure removes privileges from access control entries (ACE) in the access control list (ACL) of a network host matching the given ACE.
Syntax
DBMS_NETWORK_ACL_ADMIN.REMOVE_HOST_ACE ( host IN VARCHAR2, lower_port IN PLS_INTEGER DEFAULT NULL, upper_port IN PLS_INTEGER DEFAULT NULL, ace IN XS$ACE_TYPE, remove_empty_acl IN BOOLEAN DEFAULT FALSE);Parameters
Table 101-16 REMOVE_HOST_ACE Function Parameters
从数据库到目标主机的ACL权限
This procedure sets the access control list (ACL) of a network host which controls access to the host from the database.
Syntax
DBMS_NETWORK_ACL_ADMIN.SET_HOST_ACL ( host IN VARCHAR2, lower_port IN PLS_INTEGER DEFAULT NULL, upper_port IN PLS_INTEGER DEFAULT NULL, acl IN VARCHAR2);Parameters
Table 101-18 SET_HOST_ACL Function Parameters
This procedure sets the access control list (ACL) of a wallet which controls access to the wallet from the database.
Syntax
DBMS_NETWORK_ACL_ADMIN.SET_WALLET_ACL ( wallet_path IN VARCHAR2, acl IN VARCHAR2);Parameters
Table 101-19 SET_WALLET_ACL Function Parameters
Note:
This procedure is deprecated in Oracle Database 12c. While the procedure remains available in the package for reasons of backward compatibility, Oracle recommends using the REMOVE_HOST_ACE Procedure and the REMOVE_WALLET_ACE Procedure.
从网络主机中回收ACL权限This procedure unassigns the access control list (ACL) currently assigned to a network host.
Syntax
DBMS_NETWORK_ACL_ADMIN.UNASSIGN_ACL ( acl IN VARCHAR2 DEFAULT NULL, host IN VARCHAR2 DEFAULT NULL, lower_port IN PLS_INTEGER DEFAULT NULL, upper_port IN PLS_INTEGER DEFAULT NULL);Parameters
Examples
BEGIN DBMS_NETWORK_ACL_ADMIN.UNASSIGN_ACL( host => '*.us.example.com', lower_port => 80); END;
--1 创建 ACLbegin dbms_network_acl_admin.create_acl( acl => 'temp_acl.xml', description =>'Normal Access', principal=>'CONNECT', is_grant => true, privilege=>'connect', start_date=> null, end_date => null); end;--2. 确认acl已经生成SELECT any_path FROM resource_view WHERE any_path like '%temp_acl%';--3 为 ACL 增加一个权限begin dbms_network_acl_admin.add_privilege(acl => 'temp_acl.xml', principal => 'BJHYFP', --可以使用该acl的用户 is_grant => TRUE, privilege => 'connect', start_date => null, end_date => null); end; --4 分配将受该 ACL 制约的主机以及其他详细信息begin dbms_network_acl_admin.assign_acl( acl => 'temp_acl.xml', host => '192.168.0.189', lower_port => null, upper_port => null); end; --5 使用示例declare url varchar2(200) := 'http://192.168.0.189:8888/oraclehttp/servlet/orhttp?a=12'; req utl_http.req; resp utl_http.resp; value varchar2(2000); begin req := utl_http.begin_request(url); resp := utl_http.get_response(req); loop utl_http.read_line(resp, value, TRUE); dbms_output.put_line(value); dbms_output.put_line('网站回复' || value); end loop; utl_http.end_response(resp); EXCEPTION WHEN utl_http.end_of_body THEN utl_http.end_response(resp); end;
Note:
This procedure is deprecated in Oracle Database 12c. While the procedure remains available in the package for reasons of backward compatibility, Oracle recommends using the APPEND_HOST_ACE Procedure and the APPEND_WALLET_ACE Procedure.
创建一个ACL并且授予默认的权限. An ACL must have at least one privilege setting. The ACL has no access control effect unless it is assigned to the network target.
Syntax
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL (
acl IN VARCHAR2,
description IN VARCHAR2,
principal IN VARCHAR2,
is_grant IN BOOLEAN,
privilege IN VARCHAR2,
start_date IN TIMESTAMP WITH TIMEZONE DEFAULT NULL,
end_date IN TIMESTAMP WITH TIMEZONE DEFAULT NULL );
Parameters
Usage Notes
To drop the access control list, use the DROP_ACL Procedure.
Examples
BEGIN
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL(
acl => 'us-example-com-permissions.xml',
description => 'Network permissions for *.us.example.com',
principal => 'SCOTT',
is_grant => TRUE,
privilege => 'connect');
END;
Note:
This procedure is deprecated in Oracle Database 12c. While the procedure remains available in the package for reasons of backward compatibility, Oracle recommends using the APPEND_HOST_ACE Procedure and the APPEND_WALLET_ACE Procedure.
增加一个允许或拒绝用户网络访问的权限This procedure adds a privilege to grant or deny the network access to the user. The access control entry (ACE) is created if it does not exist.
Syntax
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE ( acl IN VARCHAR2, principal IN VARCHAR2, is_grant IN BOOLEAN, privilege IN VARCHAR2, position IN PLS_INTEGER DEFAULT NULL, start_date IN TIMESTAMP WITH TIMESTAMP DEFAULT NULL, end_date IN TIMESTAMP WITH TIMESTAMP DEFAULT NULL );Parameters
Examples
BEGIN DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE( acl => 'us-example-com-permissions.xml', principal => 'ST_USERS', is_grant => TRUE, privilege => 'connect') END;
Note:
This procedure is deprecated in Oracle Database 12c. While the procedure remains available in the package for reasons of backward compatibility, Oracle recommends using the APPEND_HOST_ACE Procedure and the APPEND_WALLET_ACE Procedure.
指派ACL到目标主机的权限
This procedure assigns an access control list (ACL) to a host computer, domain, or IP subnet, and if specified, the TCP port range.
Syntax
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL ( acl IN VARCHAR2, host IN VARCHAR2, lower_port IN PLS_INTEGER DEFAULT NULL, upper_port IN PLS_INTEGER DEFAULT NULL);Parameters
Examples
BEGIN DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL( acl => 'us-example-com-permissions.xml', host => '*.us.example.com', lower_port => 80); END;
This procedure appends an access control entry (ACE) to the access control list (ACL) of a network host. The ACL controls access to the given host from the database and the ACE specifies the privileges granted to or denied from the specified principal.
Syntax
DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE ( host IN VARCHAR2, lower_port IN PLS_INTEGER DEFAULT NULL, upper_port IN PLS_INTEGER DEFAULT NULL, ace IN XS$ACE_TYPE);Parameters
Table 101-5 APPEND_HOST_ACE Function Parameters
12c之前有效
Note:
This procedure is deprecated in Oracle Database 12c. While the procedure remains available in the package for reasons of backward compatibility, Oracle recommends using the REMOVE_HOST_ACE Procedure and the REMOVE_WALLET_ACE Procedure.
从ACL删除权限
This procedure deletes a privilege in an access control list.
Syntax
DBMS_NETWORK_ACL_ADMIN.DELETE_PRIVILEGE ( acl IN VARCHAR2, principal IN VARCHAR2, is_grant IN BOOLEAN DEFAULT NULL, privilege IN VARCHAR2 DEFAULT NULL);Parameters
Examples
BEGIN DBMS_NETWORK_ACL_ADMIN.DELETE_PRIVILEGE( acl => 'us-example-com-permissions.xml', principal => 'ST_USERS') END;
Note:
This procedure is deprecated in Oracle Database 12c. The procedure remains available in the package only for reasons of backward compatibility.
删除一个ACL
This procedure drops an access control list (ACL).
Syntax
DBMS_NETWORK_ACL_ADMIN.DROP_ACL ( acl IN VARCHAR2);Parameters
Table 101-15 DROP_ACL Procedure Parameters
Examples
BEGIN DBMS_NETWORK_ACL_ADMIN.DROP_ACL( acl => 'us-example-com-permissions.xml'); END;
This procedure removes privileges from access control entries (ACE) in the access control list (ACL) of a network host matching the given ACE.
Syntax
DBMS_NETWORK_ACL_ADMIN.REMOVE_HOST_ACE ( host IN VARCHAR2, lower_port IN PLS_INTEGER DEFAULT NULL, upper_port IN PLS_INTEGER DEFAULT NULL, ace IN XS$ACE_TYPE, remove_empty_acl IN BOOLEAN DEFAULT FALSE);Parameters
Table 101-16 REMOVE_HOST_ACE Function Parameters
从数据库到目标主机的ACL权限
This procedure sets the access control list (ACL) of a network host which controls access to the host from the database.
Syntax
DBMS_NETWORK_ACL_ADMIN.SET_HOST_ACL ( host IN VARCHAR2, lower_port IN PLS_INTEGER DEFAULT NULL, upper_port IN PLS_INTEGER DEFAULT NULL, acl IN VARCHAR2);Parameters
Table 101-18 SET_HOST_ACL Function Parameters
This procedure sets the access control list (ACL) of a wallet which controls access to the wallet from the database.
Syntax
DBMS_NETWORK_ACL_ADMIN.SET_WALLET_ACL ( wallet_path IN VARCHAR2, acl IN VARCHAR2);Parameters
Table 101-19 SET_WALLET_ACL Function Parameters
Note:
This procedure is deprecated in Oracle Database 12c. While the procedure remains available in the package for reasons of backward compatibility, Oracle recommends using the REMOVE_HOST_ACE Procedure and the REMOVE_WALLET_ACE Procedure.
从网络主机中回收ACL权限This procedure unassigns the access control list (ACL) currently assigned to a network host.
Syntax
DBMS_NETWORK_ACL_ADMIN.UNASSIGN_ACL ( acl IN VARCHAR2 DEFAULT NULL, host IN VARCHAR2 DEFAULT NULL, lower_port IN PLS_INTEGER DEFAULT NULL, upper_port IN PLS_INTEGER DEFAULT NULL);Parameters
Examples
BEGIN DBMS_NETWORK_ACL_ADMIN.UNASSIGN_ACL( host => '*.us.example.com', lower_port => 80); END;------第二回DECLARE uprinciple varchar2(20); principle varchar2(20);BEGINuprinciple:=upper('&principle');dbms_output.put_line(uprinciple); DBMS_NETWORK_ACL_ADMIN.CREATE_ACL( acl => 'us-example-com-permissions1.xml', description => 'Network permissions for *.us.example.com', principal => uprinciple, is_grant => TRUE, privilege => 'connect');END;
转载于:https://www.cnblogs.com/iyoume2008/p/5266629.html
