Trigger for creating new user

Question

I have a table called LOGIN_NAMES which maintains a list of all login ids under the column login_id. I'm trying to write a trigger that creates a new user on inserting a value to login_id something like the below code:

CREATE OR REPLACE TRIGGER login_id_create
  AFTER INSERT OR UPDATE
  ON  mySchema.LOGIN_NAMES
  FOR EACH ROW
BEGIN
  CREATE USER :NEW.login_id 
  IDENTIFIED BY password 
  DEFAULT TABLESPACE users
  QUOTA 10M ON users
  PASSWORD EXPIRE;

  GRANT CONNECT TO :NEW.login_id;
END

Isn't it possible to create users through triggers? If possible what would be the correct syntax?

Answer 1

Creating a user is DDL. DDL involves two implicit commits, one before the statement is run and once after the statement is run. Triggers (unless declared to use autonomous transactions which would not be appropriate here) cannot commit or rollback a transaction. So you can't issue DDL from a trigger. You wouldn't want to if you could-- what if the transaction that inserted a row in LOGIN_NAMES was rolled back, for example, or what if Oracle had to execute the trigger multiple times for write consistency.

You could use the dbms_job package to submit a job that would run once the triggering transaction committed that would use dynamic SQL (EXECUTE IMMEDIATE most likely) to create the user and run the GRANT. I'm hard-pressed to imagine that you'd want that to happen on UPDATE rather than just on INSERT otherwise you'd be trying (and failing) to create a user every time someone updated some attribute in your table. It would be a very unusual design to want to configure things this way-- if you want to maintain your own table to store information about users, that would normally mean that you want to create application users rather than Oracle users. If you want to create Oracle users, it generally wouldn't make sense to create your own table to store that information, just take it from dba_users.