Login  Register

ACL

classic Classic list List threaded Threaded
2 messages Options Options
Embed post
Permalink
big
Reply | Threaded
Open this post in threaded view
| More
Print post
Permalink

ACL

big
442 posts
Hi,
on R12.2.4 DB 11.2.0.4, on AIX
I want  to run PL/SQL code making calls to the following Oracle Supplied Packages without error.
UTL_HTTP.
I follow: ORA-24247 Using UTL_TCP, UTL_HTTP, UTL_SMTP And UTL_MAIL With 11gR1 Or Later (Doc ID 1209644.1)
IT suggests to run:
BEGIN
  DBMS_NETWORK_ACL_ADMIN.create_acl (
    acl          => 'local_sx_acl_file.xml',
    description  => 'A test of the ACL functionality',
    principal    => 'WC',
    is_grant     => TRUE,
    privilege    => 'connect',
    start_date   => SYSTIMESTAMP,
    end_date     => NULL);
end;

begin
  DBMS_NETWORK_ACL_ADMIN.assign_acl (
    acl         => 'local_sx_acl_file.xml',
    host        => 'localhost',
    lower_port  => 9002,
    upper_port  => NULL);    
end;

My questions are:
Which server is host? EBS application server? DB server or others?
Which port ?
Do we need also  "resolve" privilege?
Thanks.
Reply | Threaded
Open this post in threaded view
| More
Print post
Permalink

Re: ACL

ErmanArslansOracleBlog
Administrator
5727 posts
Host is the host that you are trying to reach, trying to access.
Port is the port of that host that you are trying to reach.. That target server listens from that port and you reach it through that port.

See -> https://ermanarslan.blogspot.com/2015/01/rdbms-acknowledgement-solution-for.html

As for the "resolve" -> A database user needs the connect privilege to an external network host computer if he or she is connecting using the UTL_TCP, UTL_HTTP, UTL_SMTP, and UTL_MAIL utility packages. To resolve a host name that was given a host IP address, or the IP address that was given a host name, with the UTL_INADDR package, grant the database user the resolve privilege.

Host: Host to which the ACL is to be assigned. The host can be the name or the IP address of the host. A wildcard can be used to specify a domain or a IP subnet. The host or domain name is case-insensitive.

lower_port :Lower bound of a TCP port range if not NULL

upper_port : Upper bound of a TCP port range. If NULL, lower_port is assumed.


Ref: https://docs.oracle.com/cd/E18283_01/appdev.112/e16760/d_networkacl_adm.htm , DBMS_NETWORK_ACL_ADMIN