Oracle 12c Apex 4.2 ORA-24247网络访问被访问控制列表(ACL)拒绝 [英] Oracle 12c Apex 4.2 ORA-24247 network access denied by access control list (ACL)

问题描述

希望你也能帮助我.

我正在开发APEX应用程序.

I'm developing an APEX-Application.

Oracle 12c APEX 4.2.  

我正在使用pdborcl中的工作区wrk_projects.

I'm using the workspace wrk_projects in pdborcl.

我需要有关客户的一些信息.客户端将在同一个域中执行操作.
因此，我正在构建报告:

I need some information about the client. The client will act in the same domain.
So I'm building a report:

select utl_inaddr.get_host_name(sys_context('userenv','ip_address')) as hostname from dual;

运行时:

报告错误:
ORA-24247网络访问被访问控制列表(ACL)拒绝

report error:
ORA-24247 network access denied by access control list (ACL)

我的问题是: 我必须在容器或pdb中定义ACL?
如何找出我必须授予ACL的用户? 还有其他提示吗?

My question is: I have to define the ACL in the container or in pdb?
How to find out the user I have to grant the ACL to? Any other tips?

推荐答案

Oracle Apex文档:授予Oracle Database 12c中的连接特权

在《 Oracle Application Express应用程序构建器用户指南->管理应用程序安全性》下可以找到

Which can be found under "Oracle Application Express Application Builder User's Guide -> Managing Application Security"

过程CREATE_ACL，ASSIGN_ACL，ADD_PRIVILEGE和CHECK_PRIVILEGE Oracle数据库12c中已弃用DBMS_NETWORK_ACL_ADMIN中的. Oracle建议改为使用APPEND_HOST_ACE.下面的例子 演示了如何为任何主机授予连接特权 APEX_050000数据库用户.本示例假设您已连接到 将Oracle Application Express安装为SYS的数据库 指定SYSDBA角色.

Procedures CREATE_ACL, ASSIGN_ACL, ADD_PRIVILEGE and CHECK_PRIVILEGE in DBMS_NETWORK_ACL_ADMIN are deprecated in Oracle Database 12c. Oracle recommends using APPEND_HOST_ACE instead. The following example demonstrates how to grant connect privileges to any host for the APEX_050000 database user. This example assumes you connected to the database where Oracle Application Express is installed as SYS specifying the SYSDBA role.

BEGIN
    DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE(
        host => '*',
        ace => xs$ace_type(privilege_list => xs$name_list('connect'),
                           principal_name => 'apex_050000',
                           principal_type => xs_acl.ptype_db));
END;
/

下面的示例演示如何提供较少的特权 访问本地网络资源.这个例子可以访问 仅限本地主机上的服务器，例如电子邮件和报告服务器.

The following example demonstrates how to provide less privileged access to local network resources. This example enables access to servers on the local host only, such as email and report servers.

BEGIN
    DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE(
        host => 'localhost',
        ace => xs$ace_type(privilege_list => xs$name_list('connect'),
                           principal_name => 'apex_050000',
                           principal_type => xs_acl.ptype_db));
END;
/

除此之外，这可能取决于您如何在数据库中配置顶点.您是在cdb中使用apex，还是链接了apex对象(因此，所有数据库都安装了一个apex)，或者每个pdb使用的是不同的apex安装.我猜这只是一次安装.我的猜测(我不是DBA)是您必须将其授予根用户.

Other than that, it might depends on how you have configured apex in your db. Are you using apex in the cdb and are the apex objects linked up (thus: one apex install for all db's) or are you using different apex installations per pdb. I'm guessing it's just the single install. My guess (I'm no DBA) is that you'll have to grant it to the user in the root.

这篇关于Oracle 12c Apex 4.2 ORA-24247网络访问被访问控制列表(ACL)拒绝的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！