Actions As SYS |
Note: USERENV is an Oracle provided namespace that describes the current session. |
Syntax | SELECT sys_context(‘<namespace>‘, ‘<parameter>‘, <length>); FROM DUAL; |
|
Attribute | Return Value |
ACTION | Identifies the position in the module (application name) and is set through the DBMS_APPLICATION_INFO package or OCI. |
SELECT sys_context(‘USERENV‘, ‘ACTION‘) FROM DUAL; exec dbms_application_info.set_action(‘INSERTING‘); SELECT sys_context(‘USERENV‘, ‘ACTION‘) FROM DUAL; |
AUDITED_CURSORID | Returns the cursor ID of the SQL that triggered the audit. This parameter is not valid in a fine-grained auditing environment. If you specify it in such an environment, Oracle Database always returns NULL. |
AUTHENTICATED_IDENTITY | Returns the identity used in authentication. In the list that follows, the type of user is followed by the value returned: - Kerberos-authenticated enterprise user: kerberos principal name
- Kerberos-authenticated external user : kerberos principal name; same as the schema name
- SSL-authenticated enterprise user: the DN in the user‘s PKI certificate
- SSL-authenticated external user: the DN in the user‘s PKI certificate
- Password-authenticated enterprise user: nickname; same as the login name
- Password-authenticated database user: the database username; same as the schema name
- OS-authenticated external user: the external operating system user name
- Radius/DCE-authenticated external user: the schema name
- Proxy with DN : Oracle Internet Directory DN of the client
- Proxy with certificate: certificate DN of the client
- Proxy with username: database user name if client is a local database user; nickname if client is an enterprise user
- SYSDBA/SYSOPER using Password File: login name
- SYSDBA/SYSOPER using OS authentication: operating system user name
|
AUTHENTICATION_DATA | Data being used to authenticate the login user. For X.503 certificate authenticated sessions, this field returns the context of the certificate in HEX2 format. Note: You can change the return value of the AUTHENTICATION_DATA attribute using the length parameter of the syntax. Values of up to 4000 are accepted. This is the only attribute of USERENV for which Oracle implements such a change. |
AUTHENTICATION_METHOD | Returns the method of authentication. In the list that follows, the type of user is followed by the method returned. - Password-authenticated enterprise user, local database user, or SYSDBA/SYSOPER using Password File; proxy with username using password: PASSWORD
- Kerberos-authenticated enterprise or external user: KERBEROS
- SSL-authenticated enterprise or external user: SSL
- Radius-authenticated external user: RADIUS
- OS-authenticated external user or SYSDBA/SYSOPER: OS
- DCE-authenticated external user: DCE
- Proxy with certificate, DN, or username without using password: NONE
|
BG_JOB_ID | Job ID of the current session if it was established by an Oracle background process. Null if the session was not established by a background process. |
CLIENT_IDENTIFIER | Returns an identifier that is set by the application through the DBMS_SESSION.SET_IDENTIFIER procedure, the OCI attribute OCI_ATTR_CLIENT_IDENTIFIER, or the Java class Oracle.jdbc.OracleConnection.setClientIdentifier. This attribute is used by various database components to identify lightweight application users who authenticate as the same user. |
SELECT sys_context(‘USERENV‘, ‘CLIENT_IDENTIFIER‘) FROM DUAL; exec dbms_session.set_identifier(USER || ‘ ‘ || SYSTIMESTAMP); SELECT sys_context(‘USERENV‘, ‘CLIENT_IDENTIFIER‘) FROM DUAL; |
CLIENT_INFO | Returns user session information that can be stored by an application using the DBMS_APPLICATION_INFO package. |
SELECT sys_context(‘USERENV‘, ‘CLIENT_INFO‘) FROM DUAL; exec dbms_application_info.set_client_info(‘TEST‘); SELECT sys_context(‘USERENV‘, ‘CLIENT_INFO‘) FROM DUAL; |
CURRENT_BIND | The bind variables for fine-grained auditing |
CURRENT_EDITION_ID | The numeric identifier of the current edition |
SELECT sys_context(‘USERENV‘, ‘CURRENT_EDITION_ID‘) FROM DUAL; |
CURRENT_EDITION_NAME | The name of the current edition |
SELECT sys_context(‘USERENV‘, ‘CURRENT_EDITION_NAME‘) FROM DUAL; |
CURRENT_SCHEMA | Name of the default schema being used in the current schema. This value can be changed during the session with anALTER SESSION SET CURRENT_SCHEMA statement. |
SELECT sys_context(‘USERENV‘, ‘CURRENT_SCHEMA‘) FROM DUAL; |
CURRENT_SCHEMAID | Identifier of the default schema being used in the current session. |
SELECT sys_context(‘USERENV‘, ‘CURRENT_SCHEMAID‘) FROM DUAL; SELECT user# FROM sys.user$ WHERE name = USER; |
CURRENT_SQL | Returns the first 4K bytes of the current SQL that triggered the fine-grained auditing event. |
CURRENT_SQLn | CURRENT_SQLn attributes return subsequent 4K-byte increments, where n can be an integer from 1 to 7, inclusive. CURRENT_SQL1 returns bytes 4K to 8K; CURRENT_SQL2 returns bytes 8K to 12K, and so forth. You can specify these attributes only inside the event handler for the fine-grained auditing feature. |
CURRENT_SQL_LENGTH | The length of the current SQL statement that triggers fine-grained audit or row-level security (RLS) policy functions or event handlers. Valid only inside the function or event handler. |
DB_DOMAIN | Domain of the database as specified in the DB_DOMAIN initialization parameter. |
SELECT sys_context(‘USERENV‘, ‘DB_DOMAIN‘) FROM DUAL; |
DB_NAME | Name of the database as specified in the DB_NAME initialization parameter. |
SELECT sys_context(‘USERENV‘, ‘DB_NAME‘) FROM DUAL; SELECT name, value FROM gv$parameter WHERE name LIKE ‘db%name‘; |
DB_UNIQUE NAME | Name of the database as specified in the DB_UNIQUE_NAME initialization parameter. |
SELECT sys_context(‘USERENV‘, ‘DB_UNIQUE_NAME‘) FROM DUAL; SELECT name, value FROM gv$parameter WHERE name LIKE ‘db%name‘; |
ENTRYID | The available auditing entry identifier. You cannot use this option in distributed SQL statements. To use this keyword in USERENV, the initialization parameter AUDIT_TRAIL must be set to true. |
ENTERPRISE_IDENTITY | Returns the user‘s enterprise-wide identity: - For enterprise users: the Oracle Internet Directory DN.
- For external users: the external identity (Kerberos principal name, Radius and DCE schema names, OS user name, Certificate DN).
- For local users and SYSDBA/SYSOPER logins: NULL.
The value of the attribute differs by proxy method: - For a proxy with DN: the Oracle Internet Directory DN of the client
- For a proxy with certificate: the certificate DN of the client for external users; the Oracle Internet Directory DN for global users
- For a proxy with username: the Oracle Internet Directory DN if the client is an enterprise users; NULL if the client is a local database user.
|
FG_JOB_ID | Job ID of the current session if it was established by a client foreground process. Null if the session was not established by a foreground process. |
GLOBAL_CONTEXT_MEMORY | The number used in the System Global Area by the globally accessed context. |
SELECT sys_context(‘USERENV‘, ‘GLOBAL_CONTEXT_MEMORY‘) FROM DUAL; |
GLOBAL_UID | Returns the global user ID from Oracle Internet Directory for Enterprise User Security (EUS) logins; returns null for all other logins. |
HOST | Name of the host machine from which the client has connected. |
SELECT sys_context(‘USERENV‘, ‘HOST‘) FROM DUAL; |
IDENTIFICATION_TYPE | Returns the way the user‘s schema was created in the database. Specifically, it reflects the IDENTIFIED clause in the CREATE/ALTER USER syntax. In the list that follows, the syntax used during schema creation is followed by the identification type returned: - IDENTIFIED BY password: LOCAL
- IDENTIFIED EXTERNALLY: EXTERNAL
- IDENTIFIED GLOBALLY: GLOBAL SHARED
- IDENTIFIED GLOBALLY AS DN: GLOBAL PRIVATE
|
SELECT sys_context(‘USERENV‘, ‘IDENTIFICATION_TYPE‘) FROM DUAL; |
INSTANCE | The instance identification number of the current instance. |
SELECT sys_context(‘USERENV‘, ‘INSTANCE‘) FROM DUAL; |
INSTANCE_NAME | The name of the instance. |
SELECT sys_context(‘USERENV‘, ‘INSTANCE_NAME‘) FROM DUAL; |
IP_ADDRESS | IP address of the machine from which the client is connected. |
ISDBA | TRUE if the session is SYS |
SELECT sys_context(‘USERENV‘, ‘ISDBA‘) FROM DUAL; |
LANG | The ISO abbreviation for the language name, a shorter form than the existing ‘LANGUAGE‘ parameter. |
SELECT sys_context(‘USERENV‘, ‘LANG‘) FROM DUAL; |
LANGUAGE | The language and territory currently used by your session, along with the database character set, in the form: language_territory.characterset. |
SELECT sys_context(‘USERENV‘, ‘LANGUAGE‘) FROM DUAL; |
MODULE | The application name (module) set through the DBMS_APPLICATION_INFO package or OCI. |
SELECT sys_context(‘USERENV‘, ‘MODULE‘) FROM DUAL; |
NETWORK_PROTOCOL | Network protocol being used for communication, as specified in the ‘PROTOCOL=protocol‘ portion of the connect string. |
NLS_CALENDAR | The current calendar of the current session. |
SELECT sys_context(‘USERENV‘, ‘NLS_CALENDAR‘) FROM DUAL; |
NLS_CURRENCY | The currency of the current session. |
SELECT sys_context(‘USERENV‘, ‘NLS_CURRENCY‘) FROM DUAL; |
NLS_DATE_FORMAT | The date format for the session. |
SELECT sys_context(‘USERENV‘, ‘NLS_DATE_FORMAT‘) FROM DUAL; |
NLS_DATE_LANGUAGE | The language used for expressing dates. |
SELECT sys_context(‘USERENV‘, ‘NLS_DATE_LANGUAGE‘) FROM DUAL; |
NLS_SORT | BINARY or the linguistic sort basis. |
SELECT sys_context(‘USERENV‘, ‘NLS_SORT‘) FROM DUAL; |
NLS_TERRITORY | The territory of the current session. |
SELECT sys_context(‘USERENV‘, ‘NLS_TERRITORY‘) FROM DUAL; |
OS_USER | Operating system username of the client process that initiated the database session. |
SELECT sys_context(‘USERENV‘, ‘OS_USER‘) FROM DUAL; |
POLICY_INVOKER | The invoker of row-level security (RLS) policy functions. |
PROXY_ENTERPRISE_IDENTITY | Returns the Oracle Internet Directory DN when the proxy user is an enterprise user. |
PROXY_GLOBAL_UID | Returns the global user ID from Oracle Internet Directory for Enterprise User Security (EUS) proxy users; returns NULL for all other proxy users. |
PROXY_USER | Name of the database user who opened the current session on behalf of SESSION_USER. |
PROXY_USERID | Identifier of the database user who opened the current session on behalf of SESSION_USER. |
SERVER_HOST | The host name of the machine on which the instance is running. |
SELECT sys_context(‘USERENV‘, ‘SERVER_HOST‘) FROM DUAL; |
SERVICE_NAME | The name of the service to which a given session is connected. |
SELECT sys_context(‘USERENV‘, ‘SERVICE_NAME‘) FROM DUAL; |
SESSION_USER | Database user name by which the current user is authenticated. This value remains the same throughout the duration of the session. |
SELECT sys_context(‘USERENV‘, ‘SESSION_USER‘) FROM DUAL; |
SESSION_USERID | Identifier of the database user name by which the current user is authenticated. |
SELECT sys_context(‘USERENV‘, ‘SESSION_USERID‘) FROM DUAL; |
SESSIONID | The auditing session identifier. You cannot use this option in distributed SQL statements. This is the equivalent to the AUDSID column in gv$session. |
SELECT sys_context(‘USERENV‘, ‘SESSIONID‘) FROM DUAL; |
SID | The session number (different from the session ID). |
SELECT sys_context(‘USERENV‘, ‘SID‘) FROM DUAL; |
STATEMENTID | The auditing statement identifier. STATEMENTID represents the number of SQL statements audited in a given session. |
TERMINAL | The operating system identifier for the client of the current session. In distributed SQL statements, this option returns the identifier for your local session. In a distributed environment, this is supported only for remote SELECT statements, not for remote INSERT, UPDATE, or DELETE operations. (The return length of this parameter may vary by operating system.) |
SELECT sys_context(‘USERENV‘, ‘TERMINAL‘) FROM DUAL; |
|
Context Demo |
User Created Contexts | CREATE OR REPLACE CONTEXT App_Ctx using My_pkg ACCESSED GLOBALLY; CREATE OR REPLACE PACKAGE my_pkg IS PROCEDURE set_session_id(p_session_id NUMBER); PROCEDURE set_ctx(p_name VARCHAR2, p_value VARCHAR2); PROCEDURE close_session(p_session_id NUMBER); END; / CREATE OR REPLACE PACKAGE BODY my_pkg IS g_session_id NUMBER; PROCEDURE set_session_id(p_session_id NUMBER) IS BEGIN g_session_id := p_session_id; dbms_session.set_identifier(p_session_id); end set_session_id; --=============================================== PROCEDURE set_ctx(p_name VARCHAR2, p_value VARCHAR2) IS BEGIN dbms_session.set_context(‘App_Ctx‘,p_name,p_value,USER,g_session_id); END set_ctx; --=============================================== PROCEDURE close_session(p_session_id ) IS BEGIN dbms_session.set_identifier(p_session_id); dbms_session.clear_identifier; END close_session; --=============================================== END; / col var1 format a10 col var2 format a10 exec my_pkg.set_session_id(1234); exec my_pkg.set_ctx(‘Var1‘, ‘Val1‘); exec my_pkg.set_ctx(‘Var2‘, ‘Val2‘); SELECT sys_context(‘app_ctx‘, ‘var1‘) var1, sys_context(‘app_ctx‘, ‘var2‘) var2 FROM DUAL; -- Now we‘ll log out/log in -- At first, the context is empty-but we rejoin the session & there it is disconnect connect uwclass/uwclass SELECT sys_context(‘app_ctx‘, ‘var1‘) var1, sys_context(‘app_ctx‘, ‘var2‘) var2 FROM DUAL; exec my_pkg.set_session_id(1234); SELECT sys_context(‘app_ctx‘, ‘var1‘) var1, sys_context(‘app_ctx‘, ‘var2‘) var2 FROM DUAL; -- Now we‘ll show that this context is tied to our user (we specified -- USER above, if we used null anyone can join this session). grant execute on my_pkg to scott; conn scott/tiger exec uwclass.my_pkg.set_session_id(1234); SELECT sys_context(‘app_ctx‘, ‘var1‘) var1, sys_context(‘app_ctx‘, ‘var2‘) var2 FROM DUAL; -- Return to the set context again and clear it conn uwclass/uwclass exec my_pkg.set_session_id(1234); SELECT sys_context(‘app_ctx‘, ‘var1‘) var1, sys_context(‘app_ctx‘, ‘var2‘) var2 FROM DUAL; exec my_pkg.close_session(1234); SELECT sys_context(‘app_ctx‘, ‘var1‘) var1, sys_context(‘app_ctx‘, ‘var2‘) var2 FROM DUAL; |