Learn Oracle


I have created this learn oracle "The step 10 process" Oracle Tutorial to help Database aspirants to accomplish their dream of working as Oracle Database administrator. I have tried to keep it simple and User friendly. Use NEXT and PREVIOUS Button to navaigate away and to a chapter. Since i myself had been a Database adminstrator trainer and has got real life experience of working as a Oracle DBA, I would welcome any sort of queries and doubts or modifications to webmaster@oracleonline.info.

Step 7 - Administering Roles

Learn Oracle - Administering Roles

System privileges, object privileges, and roles provide a basic level of database security. They are designed to control user access to data and to limit SQL statements that users can execute.

Privileges and roles can be granted to other users by users who possess the privilege to do so. The granting of roles and privileges starts at the administrator level. At database creation, the administrative user SYS is created and granted all system privileges and predefined Oracle roles. User SYS can then grant privileges and roles to other users, and also grant those users the right to grant specific privileges to others.

Viewing Roles

Oracle DBA can use Enterprise Manager to view existing roles as follows:

1. From the Administration home page shown in Figure 52, click the Roles link shown under the security heading.

2. The Roles page is displayed. From this page Oracle DBA can create, edit, view, or delete roles.

3. Select the CONNECT role in the Select column. Click View. The View page appears and Oracle DBA can see all of the privileges and roles associated with the CONNECT role.

Creating a New Role

Oracle DBA can create a secure application role with all privileges necessary to run an application. Oracle DBA can then grant the role to other roles or users. A user can require several different roles, each granted a different set of privileges that allow for more or less data access while using the application.

To create a new role:

1. From the Administration Page, click Roles under the Security heading.

2. Click Create.

3. On the Create Role page, enter the name of your new role. Enter APDEV to create a new role for application developers in your organization. Click OK. A page appears with a list of all roles. Oracle DBA can now modify this new role by adding the required privileges.

Modifying Roles

You can add roles, privileges, and consumer groups to roles.

To modify the APDEV role:

1. From the Administration Page, click Roles under the Security heading.

2. Click APDEV. The Edit Role: APDEV page appears. This has links to the following property pages: Roles, System Privileges, Object Privileges, and Consumer Groups. Click Roles.

3. Click Modify.

4. In the Available Roles list, double click CONNECT to add the CONNECT role to the APDEV role. Click OK.

5. You are returned to the Edit Role: APDEV page. Click System Privileges.

6. Click Modify.

7. In the Available System Privileges list, double click EXECUTE ANY PROCEDURE and SELECT ANY TABLE to add these privileges to the APDEV role. Click OK.

8. Oracle DBA are returned to the Edit Role: APDEV page. Click Object Privileges.

9. From the Select Object Type pulldown list, select Table. Click Add.

10. From the Select Table Objects box, click the browse button (flashlight). Select the HR schema in the pulldown list. To see a list of all tables in the selected schema, clear the search box and click Go. Select the JOBS table. You are returned to the Add Table Object Privileges page.

11. Double click DELETE to add the DELETE privilege to the APDEV role for the HR.JOBS table. Click OK.

Dropping Roles

To drop the APDEV role:

1. From the Administration page, click Roles under the Security heading.

2. Select the APDEV role, and click Delete. At the confirmation page, click Yes.

Oracle Tutorial - BLOGS

STEP 7 - Next Topics
For users to access your database, Oracle DBA must create user accounts and grant appropriate database access privileges to those accounts. Some user accounts are automatically included in the preconfigured database, but for security reasons, most of these accounts are locked and expired.This Step describes how to create and manage user accounts. Click on Oracle tuorial links below:
Database Administrative AccountsData Administrative Account
Administering RolesAdministering Roles
Administering Profiles
Administering Database Users
Editing Users
Dropping Users
Oracle Database - PODCASTS
More Tutorials on Oracle dba ...

Liked it ? Want to share it ? Social Bookmarking
Add to: Mr. Wong Add to: BoniTrust Add to: Newsider Add to: Digg Add to: Del.icio.us Add to: Reddit Add to: Jumptags Add to: StumbleUpon Add to: Slashdot Add to: Netscape Add to: Furl Add to: Yahoo Add to: Spurl Add to: Google Add to: Blinklist Add to: Technorati Add to: Newsvine Information

Source : Oracle Documentation | Return to Learn Oracle

Want to share or request Oracle Tutorial articles to become a Oracle DBA. Direct your requests to webmaster@oracleonline.info