-- step 1: Create the Access Control List and its Privilege Definitions BEGIN DBMS_NETWORK_ACL_ADMIN.CREATE_ACL ( acl => 'my_acl.xml', description => 'Limit the use of package utl_http til webservice', principal => 'SCOTT', is_grant => TRUE, privilege => 'connect'); END; / -- Step 2: Assign the Access Control List to One or More Network Hosts -- After you create the access control list, then you are ready to assign it to one or more network host computers. BEGIN DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL ( acl => 'my_acl.xml', host => '*'); END; /
In the code above, there is no restrictions on which ports to use. If desirable, use the lower_port and upper_port directives in the ASSIGN_ACL procedure. You can also assign the ACL to apply to one specific host, or group of hosts.
For example
BEGIN DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL ( acl => 'my_acl.xml', host => 'appserver1.mycompany.com', lower_port => 80, upper_port => 3999); END; /
You can find information about the currently set up ACLs in the following views:
Sources: Oracle Documentation
http://docs.oracle.com/cd/E11882_01/network.112/e36292/authorization.htm#DBSEG121 - creating an ACL
http://docs.oracle.com/cd/E11882_01/network.112/e36292/authorization.htm#DBSEG99984 - finding information about ACL
http://docs.oracle.com/cd/E11882_01/network.112/e36292/authorization.htm#DBSEG106 - Specifying a Group of Network Host
No comments:
Post a Comment