授权用户访问数据字典三种方式
2017-11-21 17:48
429 查看
在很多时候,希望给用户最小的权限,让其访问系统数据字典,检查数据库的运行状态。这种事情在乙方的工作中非常常见。下面介绍三种方法处理这个问题
0.select any table权限
这里说明select any table不能直接访问数据字典
SQL> conn / as sysdba
Connected.
SQL> create user xff_any identified by xifenfei;
User created.
SQL> grant connect,select any table to xff_any;
Grant succeeded.
SQL> conn xff_any/xifenfei
Connected.
SQL> select count(*) from dba_users;
select count(*) from dba_users
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> select count(*) from chf.t_xff;
COUNT(*)
----------
2770
select any table默认情况下,只能访问业务的表,但是不能访问数据字典的数据。所以单纯的这个属性不能满足需求。
1.SELECT ANY DICTIONARY权限
SQL>
conn / as sysdba
Connected.
SQL> create user xff_DICTIONARY identified by xifenfei;
User created.
SQL> grant connect to xff_DICTIONARY;
Grant succeeded.
SQL> conn xff_DICTIONARY/xifenfei
Connected.
SQL> select count(*) from dba_users;
select count(*) from dba_users
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> conn / as sysdba
Connected.
SQL> grant SELECT ANY DICTIONARY to xff_DICTIONARY;
Grant succeeded.
SQL> conn xff_DICTIONARY/xifenfei
Connected.
SQL> select count(*) from dba_users;
COUNT(*)
----------
32
SQL> select count(*) from chf.t_xff;
select count(*) from chf.t_xff
*
ERROR at line 1:
ORA-00942: table or view does not exist
这里可以看出SELECT
ANY DICTIONARY权限只能访问数据字典,不能访问业务的表,访问业务的表需要另外授权
2.SELECT_CATALOG_ROLE角色
这里可以看出SELECT_CATALOG_ROLE权限只能访问数据字典,不能访问业务的表,访问业务的表需要另外授权
3.O7_DICTIONARY_ACCESSIBILITY参数
SQL>
conn / as sysdba
Connected.
SQL> create user xff_O7 identified by xifenfei;
User created.
SQL> grant connect to xff_o7;
Grant succeeded.
SQL> alter system set O7_DICTIONARY_ACCESSIBILITY=true;
alter system set O7_DICTIONARY_ACCESSIBILITY=true
*
ERROR at line 1:
ORA-02095: specified initialization parameter cannot be modified
SQL> alter system set O7_DICTIONARY_ACCESSIBILITY=true scope=spfile;
System altered.
SQL> shutdown immediate;
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> startup
ORACLE instance started.
Total System Global Area 368263168 bytes
Fixed Size 1345016 bytes
Variable Size 306186760 bytes
Database Buffers 54525952 bytes
Redo Buffers 6205440 bytes
Database mounted.
Database opened.
SQL> conn xff_o7/xifenfei
Connected.
SQL> select count(*) from dba_users;
COUNT(*)
----------
34
这里通过O7_DICTIONARY_ACCESSIBILITY和SELECT
ANY TABLE权限,实现访问业务数据和数据字典
0.select any table权限
这里说明select any table不能直接访问数据字典
SQL> conn / as sysdba
Connected.
SQL> create user xff_any identified by xifenfei;
User created.
SQL> grant connect,select any table to xff_any;
Grant succeeded.
SQL> conn xff_any/xifenfei
Connected.
SQL> select count(*) from dba_users;
select count(*) from dba_users
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> select count(*) from chf.t_xff;
COUNT(*)
----------
2770
select any table默认情况下,只能访问业务的表,但是不能访问数据字典的数据。所以单纯的这个属性不能满足需求。
1.SELECT ANY DICTIONARY权限
SQL>
conn / as sysdba
Connected.
SQL> create user xff_DICTIONARY identified by xifenfei;
User created.
SQL> grant connect to xff_DICTIONARY;
Grant succeeded.
SQL> conn xff_DICTIONARY/xifenfei
Connected.
SQL> select count(*) from dba_users;
select count(*) from dba_users
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> conn / as sysdba
Connected.
SQL> grant SELECT ANY DICTIONARY to xff_DICTIONARY;
Grant succeeded.
SQL> conn xff_DICTIONARY/xifenfei
Connected.
SQL> select count(*) from dba_users;
COUNT(*)
----------
32
SQL> select count(*) from chf.t_xff;
select count(*) from chf.t_xff
*
ERROR at line 1:
ORA-00942: table or view does not exist
这里可以看出SELECT
ANY DICTIONARY权限只能访问数据字典,不能访问业务的表,访问业务的表需要另外授权
2.SELECT_CATALOG_ROLE角色
这里可以看出SELECT_CATALOG_ROLE权限只能访问数据字典,不能访问业务的表,访问业务的表需要另外授权
3.O7_DICTIONARY_ACCESSIBILITY参数
SQL>
conn / as sysdba
Connected.
SQL> create user xff_O7 identified by xifenfei;
User created.
SQL> grant connect to xff_o7;
Grant succeeded.
SQL> alter system set O7_DICTIONARY_ACCESSIBILITY=true;
alter system set O7_DICTIONARY_ACCESSIBILITY=true
*
ERROR at line 1:
ORA-02095: specified initialization parameter cannot be modified
SQL> alter system set O7_DICTIONARY_ACCESSIBILITY=true scope=spfile;
System altered.
SQL> shutdown immediate;
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> startup
ORACLE instance started.
Total System Global Area 368263168 bytes
Fixed Size 1345016 bytes
Variable Size 306186760 bytes
Database Buffers 54525952 bytes
Redo Buffers 6205440 bytes
Database mounted.
Database opened.
SQL> conn xff_o7/xifenfei
Connected.
SQL> select count(*) from dba_users;
COUNT(*)
----------
34
这里通过O7_DICTIONARY_ACCESSIBILITY和SELECT
ANY TABLE权限,实现访问业务数据和数据字典
相关文章推荐
- java中内部类的创建四种情况,三种方式,及内部数据访问权限
- opencv Mat数据的三种标准访问方式
- struts2 lesson one: 的action特征,三种创建方法,action接收表单数据的三种访问,读取方式
- opencv Mat数据的三种标准访问方式
- LinkServer--访问远程数据表三种方式
- Android数据存储和访问之SharedPreferences存储方式_用户登录记住密码案例
- 驱动程序访问用户模式数据缓冲区的三种方式
- opencv Mat数据的三种标准访问方式
- 10046解决PLSQL访问数据字典 显示授权问题
- 网站分析数据(即用户行为数据)的三种收集方式详解
- mysql创建用户和授权的三种方式
- oracle授权另外一个用户访问自己创建的数据对象
- oracle授权另外一个用户访问自己创建的数据对象
- 搭建FTP服务,实现三种方式的访问:1.匿名访问;2,本地用户访问;3虚拟用户访问。
- oracle授权另外一个用户访问自己创建的数据对象
- EDM数据访问的三种方式
- oracle授权另外一个用户访问自己创建的数据对象
- OAuth(开放授权):(第三方)通过(授权)令牌(Access Token)访问用户数据
- opencv Mat数据的三种标准访问方式
- 跨用户访问数据表的方式