Yes this is true. But the below steps that I did, were just a way to
replicate a problem that occurs in a application running on an application
server (connection pools ...). I have just restarted the application
server.
But what I want to share here is an odd problem that I observed on our DB
(Rac two nodes): After granting the permission and even after trying the
below block I get the "Permission ... has not been granted to MYUSER'
But immediately after doing creating another empty file using touch
/my/path/dummyfile the below block works.
I have encountered this seldom behavior in several environments and I have
no explanation for that.
Thanks and best regards
Ahmed
-----Original-Nachricht-----
Betreff: RE: dbms_java: grant_permission and revoke_permission only take
effect after database restart
Datum: 2021-03-15T20:30:50+0100
Von: "dimensional.dba@xxxxxxxxxxx" <dimensional.dba@xxxxxxxxxxx>
An: "ahmed.fikri@xxxxxxxxxxx" <ahmed.fikri@xxxxxxxxxxx>, "'list, oracle'"
<oracle-l@xxxxxxxxxxxxx>
Normally you just need to log out of your session and log back in.
From: oracle-l-bounce@xxxxxxxxxxxxx <oracle-l-bounce@xxxxxxxxxxxxx> On
Behalf Of ahmed.fikri@xxxxxxxxxxx
Sent: Monday, March 15, 2021 12:10 PM
To: list, oracle <oracle-l@xxxxxxxxxxxxx>
Subject: dbms_java: grant_permission and revoke_permission only take effect
after database restart
Hi all,
does dbms_java.grant_permission requires a database restart?
as sys I did following:
BEGIN
dbms_java.revoke_permission( 'MYUSER', 'SYS:java.io.FilePermission',
'/tmp/dummy/*', 'read' );
END;
SELECT * FROM dba_java_policy WHERE NAME LIKE '/%' AND grantee = 'MYUSER'
shows that the permission is granted.
as MYUSER
I run this:
DECLARE
v_name VARCHAR2(333):= '/tmp/dummy/myjar.jar';
BEGIN
dbms_java.loadjava( v_name);
EXCEPTION
WHEN OTHERS THEN
dbms_output.put_line(SQLERRM);
END;
I get following error:
ORA-29532: Java call terminated by uncaught Java exception:
java.security.AccessControlException: the Permission
(java.io.FilePermission /tmp/dummy/s.jar read) has not been granted to
MYUSER. The PL/SQL to grant this is dbms_java.grant_permission( 'MYUSER',
'SYS:java.io.FilePermission', '/tmp/dummy/myjar.jar', 'read' )
after restarting the database it works.
I wonder that but does really dbms_java.grant_permission requires a
database restart?
Best regards
Ahmed