Can you have multiple Oracle ACL files?
-
31-10-2019 - |
Question
I have an application which needs to send emails through Oracle triggers. I understand that in Oracle 11g you must have an ACL file to grant certain schemas access to the network. My plan was to create a separate ACL file for each user that needs access to the network, and then check that it has been created properly by using the following query:
SELECT * FROM DBA_NETWORK_ACLS;
However, it seems that only one record is ever returned for this query - always the latest ACL that's been created. Does this mean that you can only ever have one ACL? If so, presumably this means that when installing this application on a client's server, I must just add privileges to their existing ACL rather than trying to create a new one?
Thanks!
UPDATE
These are the commands I'm using:
--create ACL for USER1
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL(ACL => 'testacl1.xml',
DESCRIPTION => 'ACL',
PRINCIPAL => 'USER1',
IS_GRANT => TRUE,
PRIVILEGE => 'connect');
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE(ACL => 'testacl1.xml',
PRINCIPAL => 'USER1',
IS_GRANT => TRUE,
PRIVILEGE => 'resolve');
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL(ACL => 'testacl1.xml', host => '*');
--create ACL for USER2
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL(ACL => 'testacl2.xml',
DESCRIPTION => 'ACL',
PRINCIPAL => 'USER2',
IS_GRANT => TRUE,
PRIVILEGE => 'connect');
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE(ACL => 'testacl2.xml',
PRINCIPAL => 'USER2',
IS_GRANT => TRUE,
PRIVILEGE => 'resolve');
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL(ACL => 'testacl2.xml', host => '*');
The problem is that testacl2 seems to be overwriting testacl1. Does this mean that I can only have one ACL file, or one ACL file per host?
No correct solution