Feed aggregator

Integrating Oracle Document Cloud and Oracle Sales Cloud, maintaining data level business object security

Angelo Santagata - Thu, 2016-01-14 11:10
Just written an article on http://www.ateam-oracle.com/ on how one would integrate SalesCloud and Documents cloud together. Interested? go and check it out!
Link to article

Adding a contact to a sales cloud account

Angelo Santagata - Thu, 2016-01-14 11:04

A common question is how do you add a contact to a Account in Sales Cloud? Ive seen developers (including me) try to issue a mergeOrganizaiton on the org, however this is not correct. In Oracle Fusion , Contacts are not "addded" to accounts but they are "related" to accounts.. Therefore to add a contact to a account you need to add a "Relationship" which links the contact and the organization. Here's a sample payload

WSDL <host>/crmCommonSalesParties/RelationshipService?wsdl

SOAP Request Payload

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="http://xmlns.oracle.com/apps/crmCommon/salesParties/relationshipService/types/" xmlns:rel="http://xmlns.oracle.com/apps/crmCommon/salesParties/relationshipService/">

<!-- ContactId -->
<!-- AccountId -->

Groovy Script Example

def addContact =
        ObjectPartyId        : '300000000943126', /*Contact */
        SubjectPartyId       : '300000000943078', /*Account */
        RelationshipType  : 'CONTACT',
        RelationshipCode  : 'CONTACT',
        CreatedByModule : 'HZ_WS',
        Status  : 'A'







Extranet login redirects to intranet URL

Vikram Das - Thu, 2016-01-14 10:15
For an old ERP, we are moving from the architecture of "EBS application server in DMZ" to the architecture of "Reverse Proxy in DMZ and EBS application server in intranet".  After doing all configurations, we hit the classic issue where, you login through extranet url visible on public internet which redirects to intranet url.

So https://extranet.example.com asks for SSO details and after keying in SSO username and password goes to http://intranet.example.com.

The support.oracle.com article DMZ Configuration with Oracle E-Business Suite 11i (Doc ID 287176.1) has listed 4 checks which could be the reason for this issue:

H6: Redirection to an Incorrect Server During Login
If you are getting redirected to an incorrect server during the login process, check the following:
  • Whether the hirearchy type of the profile options mentioned in Section 5.1 is set to SERVRESP .
  • select PROFILE_OPTION_NAME,HIERARCHY_TYPE from fnd_profile_options where profile_option_name in 
    PROFILE_OPTION_NAME                               HIERARCHY_TYPE
    ----------------------------------------                               --------------------------------
    APPS_FRAMEWORK_AGENT                         SERVRESP
    APPS_JSP_AGENT                                         SERVRESP
    APPS_PORTAL                                         SERVRESP
    APPS_SERVLET_AGENT                                 SERVRESP
    APPS_WEB_AGENT                                         SERVRESP
    ASO_CONFIGURATOR_URL                         SERVRESP
    CZ_UIMGR_URL                                         SERVRESP
    HELP_WEB_AGENT                                         SERVRESP
    ICX_FORMS_LAUNCHER                         SERVRESP
    QP_PRICING_ENGINE_URL                         SERVRESP
    TCF:HOST                                                 SERVRESP

    All good on this point

  • Whether the profile option values for the fnd profile options (APPS_FRAMEWORK_AGENT, APPS_WEB_AGENT, APPS_JSP_AGENT, APPS_SERVLET_AGENT) are pointing to the correct node. Replace the node_id with the node_id of the external and internal web tier. For example:
  • select fnd_profile.value_specific('APPS_FRAMEWORK_AGENT',null,null,null,null,) from dual;
    This query returned https://extranet.example.com

  • Whether the dbc file pointed to by the JVM parameter (JTFDBCFILE) in jserv.properties exists.
  • wrapper.bin.parameters=-DJTFDBCFILE=
    This was incorrect.  It was pointing to the intranet jdbc file location.

  • Whether the value of the parameter APPL_SERVER_ID set in the dbc file for the node is the same as the value of the server_id in the fnd_nodes table.
    select node_name,node_id,server_id from fnd_nodes;
    This was overwritten in the dbc file, with appl_server_id of intranet when autoconfig was done on intranet and overwritten with appl_server_id of extranet when autoconfig was done on extranet, as the DBC file location and name were same for both intranet and extranet.
I asked the DBA team to manually correct the dbc file name inside $IAS_CONFIG_HOME/Apache/Apache/Jserv/etc/jserv.properties
and create a file of that name in $FND_SECURE/$CONTEXT_NAME.dbc on the extranet node and bounce services.  Once that was done, we tested and it worked. No more redirection to intranet URL.

Then I asked them to correct the s_dbc_file_name variable in the context file of extranet node. Run autoconfig on extranet, verify the value of dbcfile in jserv.properties DJTFDBCFILE parameter, verify that the DBC file had the server_id of the extranet node.  Restart all services.
Checked again, and it worked again.

So apart from checking the values of context file variables like s_webentryhost, s_webentrydomain, s_active_port, you also need to check the value of s_dbc_file while verifying the setups for extranet configuration. This can happen in 11i , R12.1 and R12.2 also.
Categories: APPS Blogs

Indexes and Initrans (Blackstar)

Richard Foote - Thu, 2016-01-14 00:26
It’s been a very tough week so to help keep my mind off rather sad events, thought I’ll finish off one of my unpublished articles. Initrans is a physical attribute that determines the initial number of concurrent transaction entries allocated within each data block for a given table/index/cluster. Every transaction that updates a block has to acquire an […]
Categories: DBA Blogs

Gather system stats on EXADATA X4-2 throws an ORA-20001,ORA-06512

Syed Jaffar - Wed, 2016-01-13 00:40
After a recent patch deployment on Exadata X4-2 system, the following error encountered whilst gathering system stats with Exadata mode (dbms_stats.gather_system_stats('EXADATA')):

SQL> exec dbms_stats.gather_system_stats('EXADATA');
BEGIN dbms_stats.gather_system_stats('EXADATA'); END;

ERROR at line 1:
ORA-20001: Invalid or inconsistent input values
ORA-06512: at "SYS.DBMS_STATS", line 27155
ORA-06512: at line 1

It appears to be a BUG, and the following workaround should resolve the issue:

(1) As SYS user execute the scripts below:

SQL> @?/rdbms/admin/dbmsstat.sql
SQL> @?/rdbms/admin/prvtstas.plb
SQL> @?/rdbms/admin/prvtstat.plb
SQL> @?/rdbms/admin/prvtstai.plb

(2) Then, re-run your DBMS_STATS call:

exec dbms_stats.gather_system_stats('EXADATA');

Indeed this worked for us and hope this would work for you as well.

Exclusive Oracle CloudWorld Hands-on-lab!

OTN TechBlog - Tue, 2016-01-12 11:30

Please join us at Oracle CloudWorld Developer Conference in New York on January 19th for an exclusive Oracle CloudWorld Hands-on-lab. The lab has limited seating so confirm your participation today and learn how the cloud will transform how you work REGISTER TODAY! Time - January 19, 2016 - 10:00 AM - 4:00 PM / Location - Waldorf Astoria 
New York, 
540 Lexington Avenue New York, NY 10022

»   Provision a new database in the cloud with Oracle Database Cloud Service (DBCS)
»   Gain experience in building new applications for the Oracle Cloud
»   Set up connectivity between the Compute tier and DBCS
»   Learn about the REST APIs available to access the Oracle Cloud

Following the session, you can meet with the Oracle Cloud experts to take a deeper dive into specific areas of interest.

Each participant must bring their own laptop with the following:
»   Intel Core i5 Laptop with 8GB Memory, 55GB Free Hard Disk Space
»   Windows 7 64-Bit
»   Microsoft Internet Explorer, Apple Safari or Mozilla Browser

Sign up today! Limited seating for this session.

Your registration gives you full access to Oracle CloudWorld Developers Conference. Enjoy networking opportunities, product demos, break-out sessions and a keynote from Chris Tonas, Vice President of Mobility and Development tools at Oracle on best practices for Cloud development and why innovation begins with the cloud.

Netflix for Webinars

Gerger Consulting - Tue, 2016-01-12 01:35
This February, we are launching ProHuddle, a website where you can find high quality webinars for every topic you are interested in.

Our core community consists of Oracle professionals, so we’ll start with Oracle related topics and branch off from there to other areas.

Benefits of ProHuddle for You
It’s free Attending conferences can be expensive. ProHuddle brings you high quality presentations for free.

Content DiscoveryYou miss a lot of content you might enjoy, simply because you never hear about it. ProHuddle curates presentations, surfaces the best ones and notifies you about them. You’ll have access to presentations from all over the world, connecting you to the experts from everywhere.

Easy to Attend Attending conferences can be time consuming. You can attend ProHuddle webinars from the comfort of your home or your office, on any device.

More Engaging Presentations have time constraints. At ProHuddle, there is no next presentation to catch or to clear the room for. The presenter has as much time as she needs to deliver her message, answer questions and interact with the audience (which is to me the best part of all).

If you are a curious, open minded person, with an interest in new people, ideas, products and technologies, sign up at www.prohuddle.com. We are launching in February 2016!
Categories: Development

Goodbye Spaceboy

Andrew Clarke - Mon, 2016-01-11 22:45
"Sometimes I feel
The need to move on
So I pack a bag
And move on"

Can't believe Bowie has taken that final train.

David Bowie's music has been part of my life pretty much since I started listening to pop music seriously. Lodger was the first Bowie album I listened to all the way through. It's probably his most under-appreciated album. It's funny to think that back then in 1979 Bowie was dismissed as past it, a boring old fart who should be swept aside by the vital surge of post-punk bands. Because those bands were raised on Ziggy, they were taught to dance by the Thin White Duke and they learnt that moodiness from listening to Low in darkened bedrooms too many times.

Even if you don't listen to Bowie, probably your favourite bands did. If they style their hair or wear make up, they listened to Bowie. If they play synths they listened to Bowie. If they make dance music for awkward white boys at indie discos they listened to Bowie. If they lurk in shadows smoking cigarettes in their videos they listened to Bowie. That's a large part of his legacy.

The other thing about Bowie is that his back catalogue has something for pretty much everybody. People who loved Ziggy Stardust might loath the plastic soul phase. Hardly anybody gets Hunky Dory; but for some fans it's their favourite album. My favourite is the first side of "Heroes" and the second side of Low, but that whole stretch from Young Americans to Lodger is a seam of sustained musical invention unparallelled by any other pop act. (Judicious picking of collaborators is an art in itself.)

Of course, there was a long fallow period. Tin Machine weren't as bad as we thought at the time, but the drum'n'bass was too 'Dad dancing at a wedding reception' for comfort. So it was a relief when he finally started producing decent albums again. Heathen has some lovely moments. The Next Day was something of a return to form (although a bit too long to be a classic). Then there's Blackstar.

It's almost as though Bowie hung on just long enough that Blackstar would be reviewed as his latest album, rather than his last one. The four and five star reviews earned through merit rather than the mawkishness which would have accompanied a posthumous release. And it really is pretty good. When I first heard the title track it sounded like Bowie was taking a cue from Scott Walker's latter period: edgy, experimental and deliberately designed not to be fan pleaser. But, unlike Walker, Bowie can't do wilfully unlistenable. Even in the midst of all that drone and skronk there are tunes. He can't help himself, his pop sensibility is too strong. Which is why I've already listened to Blackstar more times than I've listened to Bish Bosch.

So, farewell David Bowie. We're all going to miss you terribly. "May God's love be with you."

Conference Season

Scott Spendolini - Mon, 2016-01-11 21:56
It's conference season!  That means time to start looking at flights and hotels and ensuring that while I'm on the road, my wife is not at work (no easy task).  In addition to many of the conferences that I've been presenting at for years, I have a couple of new additions to the list.

Here it is:

RMOUG - Denver, CO
One of the larger conferences, the year usually starts out in Denver for me, where crowds are always large and appreciative.  RMOUG has some of the most dedicated volunteers and puts on a great conference year after year.

GAOUG - Atlanta, GA
This will be my first time at GAOUG, and I'm excited to help them get their annual conference started.  Lots of familiar faces will be in attendance.  At only $150, if you near the Atlanta drive, it's worth checking out.

OCOJ - Williamsburg, VA (submitted)
This will (hopefully) also be my first Oracle Conference on the James.  Held in historic Williamsburg, OCOJ is also a steal at just $99.

UTOUG - Salt Lake City, UT
I'll head back out west to Utah for UTOUG.  Always good to catch up with the local Oracle community in Utah each year.  Plus, I make my annual SLC brewery tour while there.

GLOC - Cleveland, OH (submitted)
Steadily growing in popularity, the folks at GLOC put on an excellent conference.  Waiting to hear back on whether my sessions got accepted.

KSCOPE - Chicago, IL
Like everyone, I'm looking forward to one of the best annual technical conferences that I've regularly attended.  In addition to the traditional APEX content, there's few surprises planned this year!

ECO - Raleigh/Durham, NC (planning on submitting)
ECO - formerly VOUG - is also growing in numbers each year.  There's a lot of tech in the RDU area, and many of the talented locals present here.  Bonus: Jeff Smith curated brewery/bar tour the night before.

OOW - San Francisco, CA (planning on submitting)
As always, the conference year typically ends with the biggest one - Oracle Open World.  While there's not as much APEX content as there once way, it's always been more focused on the marketing side of technology, which is good to hear every now and then.

User group conferences are one of the best types of training available, especially since they typically cost just a couple hundred dollars.  I encourage you to try to check out one near you.  Smaller groups are also great places to get an opportunity to present.  In addition to annual conferences, many smaller groups meet monthly or quarterly and are always on the look out for new content.

David Bowie 1947-2016. My Memories.

Richard Foote - Mon, 2016-01-11 20:06
In mid-April 1979, as a nerdy 13 year old, I sat in my bedroom in Sale, North England listening to the radio when a song called “Boys Keep Swinging” came on by an singer called David Bowie who I never heard of before. I instantly loved it and taped it next time it came on the radio via my […]
Categories: DBA Blogs

Intro to JCS

Angelo Santagata - Mon, 2016-01-11 06:04
v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} Angelo Santagata Angelo Santagata 3 3 2016-01-11T12:00:00Z 2016-01-11T12:03:00Z 1 62 356 2 1 417 15.00 Clean Clean false false false false EN-GB X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri",sans-serif; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-fareast-language:EN-US;}

Happy New Year all!!!


To start this year's blogging I thought id highlight a nice and easy quick win on getting started with Oracle Java Cloud Service..  This link https://www.youtube.com/watch?v=5DHsE2x5mks takes you to a youtube video which I found very clear and easy to follow.




The Anti-Kyte - Sun, 2016-01-10 11:28

Last year we got a kitten. Little Cleo was full of the joys of…well…being a cat. Then, one day, she just disappeared.
Several months later, having given up hope of ever seeing her again, we adopted Nutmeg.
Then, just before Christmas, Cleo suddenly re-appeared.
It’s a complete mystery as to where she had been for the last year and she has not condescended to comment on the matter.
The end result is that we are now a two cat family.
This brings with it certain complications.
When they aren’t studiously ignoring each other, the cats sit there giving each other hard stares for hours on end.
I think there may be some tension over exactly just who owns that fluffy ball.
To ensure that our sleep is not disturbed by these two fighting like cats in a sack, it’s necessary to ensure that they are in separate rooms before we retire for the evening.
As a result we’ve become rather expert at the art of Cat Herding, which largely consists of bribery with cat-nip, among other things.

Whilst acquiring a reputation as a “dealer” among the feline population of Milton Keynes, I have had cause to reflect on the similarity of our new hobby with the trials and tribulations of persuading DBMS_METADATA.GET_DDL that you do actually have permissions to see the source code you’ve asked for.

This is regularly a fairly tortuous process. In what follows I will be examining just why SELECT_CATALOG_ROLE is DBMS_METADATA cat-nip…and why SELECT ANY DICTIONARY isn’t.
I’ll also look at how you can stop chasing your tail and get this function to behave itself when invoked from within a stored program unit…


According to the Oracle Documentation, the SELECT ANY DICTIONARY privilege allows you to :

“Query any data dictionary object in the SYS schema. This privilege lets you selectively override the default FALSE setting of the O7_DICTIONARY_ACCESSIBILITY initialization parameter.”

Some explanation is required here. Prior to Oracle 8, a user with the SELECT ANY TABLE privilege had access to any table in the database. From 8 onwards, this privilege was restricted to exclude the Data Dictionary. This is where SELECT ANY DICTIONARY came in.

Before we go any further, let’s just make sure that the O7_DICTIONARY_ACCESSIBILITY parameter is not set to TRUE…

select value
from v$parameter


Now, to see the effect of this privilege on DBMS_METADATA.GET_DDL, let’s create a user :

grant create session, select any dictionary
    to cleo identified by password_you_can_type_with_paws

If we now connect to the database as cleo, we can see that she has permissions to query the DBA_SOURCE view, among other things, and therefore to retrieve the source for a procedure in the HR schema :

set heading off
set pages 500
set lines 130
select text
from dba_source
where owner = 'HR'
and name = 'ADD_JOB_HISTORY'
and type = 'PROCEDURE'
order by line

Sure enough, we get the expected output :

PROCEDURE add_job_history
  (  p_emp_id          job_history.employee_id%type
   , p_start_date      job_history.start_date%type
   , p_end_date        job_history.end_date%type
   , p_job_id          job_history.job_id%type
   , p_department_id   job_history.department_id%type
  INSERT INTO job_history (employee_id, start_date, end_date,
                           job_id, department_id)
    VALUES(p_emp_id, p_start_date, p_end_date, p_job_id, p_department_id);
END add_job_history;

13 rows selected.


By default, EXECUTE on the DBMS_METADATA package are granted to PUBLIC. So, invoking the GET_DDL function for the same program unit should return the DDL statement required to re-create it. We already know we have access to the source so this should be no problem, right ?

set long 5000
select dbms_metadata.get_ddl( schema => 'HR', name => 'ADD_JOB_HISTORY', object_type => 'PROCEDURE')
from dual
ORA-31603: object "ADD_JOB_HISTORY" of type PROCEDURE not found in schema "HR"
ORA-06512: at "SYS.DBMS_METADATA", line 4018
ORA-06512: at "SYS.DBMS_METADATA", line 5843
ORA-06512: at line 1

no rows selected


Has Oracle forgotten about this procedure ? Maybe it’s rolled under the sofa ?
Either way, further investigation would seem to be in order…


Like a cat, DBMS_METADATA.GET_DDL can appear to be, to put it delicately, rather indepenently minded. It certainly doesn’t always do what it’s told.

To try to determine what’s happening, we could do some tracing and look through the recursive statements to see which precisely what is causing the error. However, there is a quicker way.
Let’s start by looking at the comments in the DBMS_METADATA package header :

-- This package is owned by SYS with execute access granted to PUBLIC.
-- It runs with invokers rights, i.e., with the security profile of
-- the caller.  It calls DBMS_METADATA_INT to perform privileged
-- functions.
-- The object views defined in catmeta.sql implement the package's security
-- policy via the WHERE clause on the public views which include syntax to
-- control user access to metadata: if the current user is SYS or has
-- SELECT_CATALOG_ROLE, then all objects are visible; otherwise, only
-- objects in the schema of the current user are visible.

This points us in the direction of the file…


Sure enough, when we get to line 10209, things become a bit clearer…

-- base view for procedures, functions, packages and package bodies

create or replace force view ku$_base_proc_view of ku$_proc_t
  with object identifier (obj_num) as
  select '1','1',
  from  sys.ku$_edition_schemaobj_view o, sys.ku$_edition_obj_view oo
  where (oo.type# = 7 or oo.type# = 8 or oo.type# = 9 or oo.type# = 11)
    and oo.obj#  = o.obj_num and oo.linkname is NULL
         AND (SYS_CONTEXT('USERENV','CURRENT_USERID') IN (o.owner_num, 0) OR
              EXISTS ( SELECT * FROM sys.session_roles
                       WHERE role='SELECT_CATALOG_ROLE' ))

Unless you are either the owner of the stored program unit you’re trying to retrieve, or connected as USER_ID 0 ( i.e. SYS), the only way that you’re going to get anything back from a query on this view is if you have been granted a role called SELECT_CATALOG_ROLE.

To verify this, let’s create another user…

grant create session
    to nutmeg identified by must_have_catnip

grant select_catalog_role
    to nutmeg

Once again, we have access to the DBA_SOURCE view…

set heading off
set pages 500
set lines 130
select text
from dba_source
where owner = 'HR'
and name = 'ADD_JOB_HISTORY'
and type = 'PROCEDURE'
order by line

PROCEDURE add_job_history
  (  p_emp_id          job_history.employee_id%type
   , p_start_date      job_history.start_date%type
   , p_end_date        job_history.end_date%type
   , p_job_id          job_history.job_id%type
   , p_department_id   job_history.department_id%type
  INSERT INTO job_history (employee_id, start_date, end_date,
                           job_id, department_id)
    VALUES(p_emp_id, p_start_date, p_end_date, p_job_id, p_department_id);
END add_job_history;

13 rows selected.


…however, we can now also use DBMS_METADATA.GET_DDL …

set long 5000
select dbms_metadata.get_ddl( schema => 'HR', name => 'ADD_JOB_HISTORY', object_type => 'PROCEDURE')
from dual
  (  p_emp_id          job_history.employee_id%type
   , p_start_date      job_history.start_date%type
   , p_end_date        job_history.end_date%type
   , p_job_id          job_history.job_id%type
   , p_department_id   job_history.department_id%type
  INSERT INTO job_history (employee_id, start_date, end_date,
                           job_id, department_id)
    VALUES(p_emp_id, p_start_date, p_end_date,
 p_job_id, p_department_id);
END add_job_history;


It seems that DBMS_METADATA has retrieved it’s fluffy ball from under the sofa.

DBMS_METADATA.GET_DDL in a Stored Program Unit

The fact that SELECT_CATALOG_ROLE is a role rather than a system privilege does tend to make life interesting if you put calls to DBMS_METADATA.GET_DDL into a stored program unit.

To demonstrate, let’s create a function that does just that (in the nutmeg schema – i.e. a schema that does not have the role granted to it) :

alter session set current_schema = nutmeg

create or replace function get_ddl( i_owner in varchar2, i_name in varchar2, i_type in varchar2)
    return clob
    dbms_output.put_line('Listing active session roles...');
    for r_role in (select role from sys.session_roles) loop
        dbms_output.put_line('Role : '||r_role.role);
    end loop;
    dbms_output.put_line('Roles listed');
    return dbms_metadata.get_ddl( schema => i_owner, name => i_name, object_type => i_type);

This should work fine for a user with the role granted, shouldn’t it ?
Let’s test it (once again, connected as cleo)…

set serveroutput on size unlimited
select get_ddl('HR', 'ADD_JOB_HISTORY', 'PROCEDURE')
from dual
ORA-31603: object "ADD_JOB_HISTORY" of type PROCEDURE not found in schema "HR"
ORA-06512: at "SYS.DBMS_METADATA", line 4018
ORA-06512: at "SYS.DBMS_METADATA", line 5843
ORA-06512: at "NUTMEG.GET_DDL", line 10

no rows selected

Listing active session roles...
Roles listed

Because we’re calling the DBMS_METADATA.GET_DDL function from inside a stored program unit, the role is disabled.
In order for this to work we need to make the stored program unit invoker’s rights…

alter session set current_schema = nutmeg

create or replace function get_ddl( i_owner in varchar2, i_name in varchar2, i_type in varchar2)
    return clob
    authid current_user
    dbms_output.put_line('Listing active session roles...');
    for r_role in (select role from sys.session_roles) loop
        dbms_output.put_line('Role : '||r_role.role);
    end loop;
    dbms_output.put_line('Roles listed');
    return dbms_metadata.get_ddl( schema => i_owner, name => i_name, object_type => i_type);

Now, when we invoke this function (as cleo once again), the role is still applicable…

set serveroutput on size unlimited
set long 5000
set heading off
select get_ddl('HR', 'ADD_JOB_HISTORY', 'PROCEDURE')
from dual

  (  p_emp_id          job_history.employee_id%type
   , p_start_date      job_history.start_date%type
   , p_end_date        job_history.end_date%type
   , p_job_id          job_history.job_id%type
   , p_department_id   job_history.department_id%type

  INSERT INTO job_history (employee_id, start_date, end_date,
                           job_id, department_id)
    VALUES(p_emp_id, p_start_date, p_end_date, p_job_id, p_department_id);
END add_job_history;

Listing active session roles...
Roles listed

It would seem then, that only a user granted SELECT_CATALOG_ROLE can usefully use DBMS_METADATA.GET_DDL in a stored program unit to retrieve DDL for objects not owned by them.

Something you might want to consider at this point, is that SELECT_CATALOG_ROLE is itself granted the HS_ADMIN_SELECT_ROLE role. Between them, these roles have SELECT access on quite a large number of SYS objects :

select count(*)
from dba_tab_privs



At this point, you may well ask if there is any way for users to utilise our function without having this role granted.
After all, a common approach to application security is to bestow execute access to users on a stored program unit without them having any visibility of the underlying tables and views.

Well, there is…

Doing without the SELECT_CATALOG_ROLE

Before we go any further I think I should point out that there are several issues with creating objects in the SYS schema.

The objects in the schema are effectively part of the Oracle software. The schema can be seen as being analogous to root on a *nix system.

There are various admonitions against performing DDL in the SYS schema. These include

As with most “golden rules” however, there is at least one exception – in this case, the Password Verify Function springs to mind.

I suppose the best reason for avoiding this sort of thing is that it would only take one moment of inattention to cause potentially irreparable damage to your Oracle installation. Even with a backup re-installing Oracle is no trivial matter. Therefore, I strongly suggest that you consider carefully whether the benefits of the approach I’m about to take here outweigh the issues of granting SELECT_CATALOG_ROLE.

So then, as SYS…

create function get_ddl( i_owner in varchar2, i_name in varchar2, i_type in varchar2)
    return clob
    dbms_output.put_line('Listing active session roles...');
    for r_role in (select role from sys.session_roles) loop
        dbms_output.put_line('Role : '||r_role.role);
    end loop;
    dbms_output.put_line('Roles listed');
    dbms_output.put_line('Userid is : '||sys_context('userenv', 'current_userid'));
    return dbms_metadata.get_ddl( schema => i_owner, name => i_name, object_type => i_type);

grant execute on get_ddl to cleo

Note that we’re using CREATE rather than CREATE OR REPLACE to ensure that we don’t accidentally overwrite anything.

Now, when we call this function as cleo…

set serveroutput on
set heading off
set lines 130
set long 5000
select sys.get_ddl('HR', 'ADD_JOB_HISTORY', 'PROCEDURE')
from dual

  (  p_emp_id          job_history.employee_id%type
   , p_start_date      job_history.start_date%type
   , p_end_date        job_history.end_date%type
   , p_job_id          job_history.job_id%type
   , p_department_id   job_history.department_id%type

  INSERT INTO job_history (employee_id, start_date, end_date,
                           job_id, department_id)
    VALUES(p_emp_id, p_start_date, p_end_date,
 p_job_id, p_department_id);
END add_job_history;

Listing active session roles...
Roles listed
Userid is : 0

The fact that we don’t have the role becomes irrelevant because the function is running with definer’s rights (i.e. as SYS, which as a CURRENT_USERID of 0).


The security model implemented for DBMS_METADATA is quite unusual for Oracle supplied PL/SQL packages.
As we have seen, invoking this package, especially it’s GET_DDL function often behaves in unexpected (and possibly entertaining) ways.

Filed under: Oracle, PL/SQL Tagged: 07_dictionary_accessibility, catmeta.sql, current_userid, DBMS_METADATA, DBMS_METADATA.GET_DDL, definer's rights, ku$_edition_schemaobj_view, ORA-31603, select any dictionary, SELECT_CATALOG_ROLE, sys.session_roles, SYS_CONTEXT

Public Appearances H1 2016

Tanel Poder - Sat, 2016-01-09 21:53

Here’s where I’ll hang out in the following months:

26-28 January 2016: BIWA Summit 2016 in Redwood Shores, CA

10-11 February 2016: RMOUG Training Days in Denver, CO

25 February 2016: Yorkshire Database (YoDB) in Leeds, UK

6-10 March 2016: Hotsos Symposium, Dallas, TX

10-14 April 2016: IOUG Collaborate, Las Vegas, NV

  • Beer session: Not speaking myself but planning to hang out on a first couple of conference days, drink beer and attend Gluent colleague Maxym Kharchenko‘s presentations

24-26 April 2016: Enkitec E4, Barcelona, Spain

18-19 May 2016: Great Lakes Oracle Conference (GLOC) in Cleveland, OH

  • I plan to submit abstracts (and hope to get some accepted :)
  • The abstract submission is still open until 1st February 2016

2-3 June 2016: AMIS 25 – Beyond the Horizon near Leiden, Netherlands

  • This AMIS 25th anniversary event will take place in a pretty cool location – an old military airport hangar (and abstract submission is still open :)
  • Update: I unfortunately had to cancel my speaking plans at the AMIS event 

5-7 June 2016: Enkitec E4, Dallas, TX


As you can see, I have changed my “I don’t want to travel anymore” policy ;-)


NB! If you want to move to the "New World" - offload your data and workloads to Hadoop, without having to re-write your existing applications - check out Gluent. We are making history! ;-)

The “Two Spaces After a Period” Thing

Cary Millsap - Fri, 2016-01-08 14:21
Once upon a time, I told my friend Chet Justice why he should start using one space instead of two after a sentence-ending period. I’m glad I did.

Here’s the story.

When you type, you’re inputting data into a machine. I know you like feeling like you’re in charge, but really you’re not in charge of all the rules you have to follow while you’re inputting your data. Other people—like the designers of the machine you’re using—have made certain rules that you have to live by. For example, if you’re using a QWERTY keyboard, then the ‘A’ key is in a certain location on the keyboard, and whether it makes any sense to you or not, the ‘B’ key is way over there, not next to the ‘A’ key like you might have expected when you first started learning how to type. If you want a ‘B’ to appear in the input, then you have to reach over there and push the ‘B’ key on the keyboard.

In addition to the rules imposed upon you by the designers of the machine you’re using, you follow other rules, too. If you’re writing a computer program, then you have to follow the syntax rules of the language you’re using. There are alphabet and spelling and grammar rules for writing in German, and different ones for English. There are typographical rules for writing for The New Yorker, and different ones for the American Mathematical Society.

A lot of people who are over about 40 years old today learned to type on an actual typewriter. A typewriter is a machine that used rods and springs and other mechanical elements to press metal dies with backwards letter shapes engraved onto them through an inked ribbon onto a piece of paper. Some of the rules that governed the data input experience on typewriters included:
  • You had to learn where the keys were on the keyboard.
  • You had to learn how to physically return the carriage at the end of a line.
  • You had to learn your project’s rules of spelling.
  • You had to learn your project’s rules of grammar.
  • You had to learn your project’s rules of typography.
The first two rules listed here are physical, but the final three are syntactic and semantic. Just like you wouldn’t press the ‘A’ key to make a ‘B’, you wouldn’t use the strings “definately” or “we was” to make an English sentence.

On your typewriter, you might not have realized it, but you did adhere to some typography rules. They might have included:
  • Use two carriage returns after a paragraph.
  • Type two spaces after a sentence-ending period.
  • Type two spaces after a colon.
  • Use two consecutive hyphens to represent an em dash.
  • Make paragraphs no more than 80 characters wide.
  • Never use a carriage return between “Mr.” and the proper name that follows, or between a number and its unit.
The rules were different for different situations. For example, when I wrote a book back in the mid 1980s, one of the distinctive typography rules my publisher imposed upon me was:
  • Double-space all paragraph text.
They wanted their authors to do this so that their copyeditor had plenty of room for markup. Such typography rules can vary from one project to another.

Most people who didn’t write for different publishers got by just fine on the one set of typography rules they learned in high school. To them, it looked like there were only a few simple rules, and only one set of them. Most people had never even heard of a lot of the rules they should have been following, like rules about widows and orphans.

In the early 1980s, I began using computers for most of my work. I can remember learning how to use word processing programs like WordStar and Sprint. The rules were a lot more complicated with word processors. Now there were rules about “control keys” like ^X and ^Y, and there were no-break spaces and styles and leading and kerning and ligatures and all sorts of new things I had never had to think about before. A word processor was much more powerful than a typewriter. If you did it right, typesetting could could make your work look like a real book. But word processors revealed that typesetting was way more complicated than just typing.

Doing your own typesetting can be kind of like doing your own oil changes. Most people prefer to just put gas in the tank and not think too much about the esoteric features of their car (like their tires or their turn signal indicators). Most people who went from typewriters to word processors just wanted to type like they always had, using the good-old two or three rules of typography that had been long inserted into their brains by their high school teachers and then committed by decades of repetition.

Donald Knuth published The TeXBook in 1984. I think I bought it about ten minutes after it was published. Oh, I loved that book. Using TeX was my first real exposure to the world of actual professional-grade typography, and I have enjoyed thinking about typography ever since. I practice typography every day that I use Keynote or Pages or InDesign to do my work.

Many people don’t realize it, but when you type input into programs like Microsoft Word should follow typography rules including these:
  • Never enter a blank line (edit your paragraph’s style to manipulate its spacing).
  • Use a single space after a sentence-ending period (the typesetter software you’re using will make the amount of space look right as it composes the paragraph).
  • Use a non-breaking space after a non-sentence-ending period (so the typesetter software won’t break “Mr. Harkey” across lines).
  • Use a non-breaking space between a number and its unit (so the typesetter software won’t break “8 oz” across lines).
  • Use an en dash—not a hyphen—to specify ranges of numbers (like “3–8”).
  • Use an em dash—not a pair of hyphens—when you need an em dash (like in this sentence).
  • Use proper quotation marks, like “this” and ‘this’ (or even « this »).
Of course, you can choose to not follow these rules, just like you can choose to be willfully ignorant about spelling or grammar. But to a reader who has studied typography even just a little bit, seeing you break these rules feels the same as seeing a sentence like, “You was suppose to use apostrophe's.” It affects how people perceive you.

So, it’s always funny to me when people get into heated arguments on Facebook about using one space or two after a period. It’s the tiniest little tip of the typography iceberg, but it opens the conversation about typography, for which I’m glad. In these discussions, two questions come up repeatedly: “When did the rule change? Why?”

Well, the rule never did change. The next time I type on an actual typewriter, I will use two spaces after each sentence-ending period. I will also use two spaces when I create a Courier font court document or something that I want to look like it was created in the 1930s. But when I work on my book in Adobe InDesign, I’ll use one space. When I use my iPhone, I’ll tap in two spaces at the end of a sentence, because it automatically replaces them with a period and a single space. I adapt to the rules that govern the situation I’m in.

It’s not that the rules have changed. It’s that the set of rules was always a lot bigger than most people ever knew.

2016 Oracle Utilities America’s Product Development Customer Advisory Board

Anthony Shorten - Thu, 2016-01-07 22:49

I will be attending the 2016 Oracle Utilities America’s Product Development Customer Advisory Board this year which is in Phoenix Arizona from the Feb 29th till 3rd March. This year we are running a dedicated technical stream highlighting specific technical features and also running a Technical Q&A Panel to answer technical questions and discuss our directions.

The sessions will be focused on technical aspects of the solution and be a combination of presentations on topics, live demonstrations and question/answer sessions with product experts. The planned sessions this year are:

 Session  Overview  Security Features and Functions
In this session the new and improved security features of the Oracle Utilities Application Framework will be discussed including integrations to various security technologies to understand and take advantage of the advanced security solutions now available.
 Web Services Integration
In this session the new Inbound Web Services, Message Driven beans and REST functionality of the Oracle Utilities Application Framework are highlighted to understand the integration capabilities for implementation. This session will include integrations to SOA products.
 Information Lifecycle Management
In this session the new Information Lifecycle Management solution will be outlined and discussed to highlight the capabilities, implementation strategies and techniques for reducing storage costs whilst retaining data for business purposes
 Managing your Utilities environment using Oracle Enterprise Manager In this session the techniques and capabilities of reducing your IT management costs using Oracle Enterprise Manager are outlined including using the base capabilities of the console and using the various packs available to augment the solution including the Oracle Application Management Pack for Oracle Utilities.
 Technical Cloud Solutions
In this session the technical architecture of Oracle Cloud offerings for Software As A Service (SaaS) and Platform As A Service (PaaS) will be discussed. This session highlights all the technology used in the solution as well as the architecture of those solutions.
 Oracle Utilities Framework Roadmap
In this session the roadmap of the Oracle Utilities Application Framework will be outlined.
 Oracle Utilities Testing Solutions
In this session the new Oracle Application Testing Suite based testing accelerators for Oracle Utilities products will be outlined and demonstrated for quick adoption of automated testing. The solution includes Functional/Regression Testing, Performance/Load Testing and Testing Management.
 Mobile Framework Overview
In this session the planned Mobile Server integration architecture and technology will be highlighted to allow connected and disconnected mobile clients for Oracle Utilities products.
 Technology Strategy
In this session the short, medium and long term technology strategy will be discussed to outline the technology directions and integrations for the Oracle Utilities Application Framework in future releases. There will be a Q&A session in this session as well to discuss technology options.
 Technical Implementation Q&A Panel
This session will be generic panel session where product managers and product developers are available for customer and partner questions and discussions on technical aspects of implementations.

I will be available for all these sessions with other product managers and will also be attending the Customer User Group meetings after the CAB has completed. These sessions are designed for technical personnel rather than business personnel.

I look forward to seeing you at the CAB. For those in APAC, I am also attending the APAC CAB in Melbourne (my home town) in Mid February 2016 with a subset of these sessions.

If you're new to the APEX community, here are some tips to get engaged

Joel Kallman - Thu, 2016-01-07 20:29
Last night (January 6, 2016) we had our first-in-2016 APEX Meetup meeting in Columbus, Ohio, USA.  For being on short notice, we had a nice turnout, and I was able to distribute the new apex.world stickers.  I was most impressed that a gentleman (by the name of Shannon) drove down from Cleveland, Ohio - almost 2 hours drive each way.  He's been using APEX for all of two weeks, was using it with PowerSchool, and wanted to see what this APEX was all about.

Today, I wrote on our Oracle APEX Columbus Meetup board a short summary of the information we reviewed last night.  For those people who've been doing APEX for years, none of this is going to be new.  But the information I posted may be especially helpful to those who are very new to APEX, or even curious about APEX.  I decided to simply share it again here, in the hopes that someone else just as new as Shannon will find this useful.


We discussed a few things last night and I wished to summarize them here:

1)  There are ways to remain connected to the APEX community via Social media:

Facebook:  https://www.facebook.com/orclapex
LinkedIn:  http://linkedin.com/groups/8263065
Twitter:  The hashtag for Oracle Application Express is #orclapex.  Most everyone who attended last night is on Twitter.  You can follow many of us.  I’m at @joelkallman.  The APEX news is at @oracleapexnews.  If you don't know anyone on twitter, just do a Twitter search for #orclapex.

I’ll be honest - almost everyone in the APEX community is heavily engaged on Twitter, a lot less on LinkedIn, and almost never on Facebook.

2)  You should get registered on https://apex.world

It’s the APEX Community site, written by others in the APEX community (outside of Oracle).  There are jobs, plug-ins, open source, twitter feeds, news, and more.  You should also get registered on Slack, because apex.world is also integrated with Slack.  Follow the instructions on apex.world to get a Slack invitation.  It’s worth it.

3)  I spoke of some upcoming conferences

There is an upcoming conference in May in Cleveland, the Great Lakes Oracle Conference.  Not only will Jason Straub and I be there, doing a couple sessions (about what’s coming in APEX 5.1), but we’re also doing a pre-conference workshop.  There will be other non-Oracle people there presenting on APEX.  You should think about presenting at this conference, and you can submit your abstracts until February.  As I tried to convey to attendees last night, don’t think that you have to submit the most exotic, obtuse topic possible.  How you’re using APEX, the challenges you’ve encountered and how you worked around them, may be a very useful topic.  The conference committee wants to expand their APEX offerings, and I think those of us in Ohio should help them. https://www.neooug.org/gloc/

b)  In June, in Chicago, is the Oracle Development Tools User Group (ODTUG) annual Kscope conference.   This is the place to be on the planet if you do any APEX whatsoever.  Just in the APEX track alone, there will be 46 sessions over 5 days.  On the Sunday before the conference starts, there will be the Sunday Symposium, which will be exclusively from the Oracle APEX product development team.  From a global perspective, this is the place to be for APEX.  It’s highly technical, and attendees and speakers from around the world assemble here.  http://kscope16.com

4)  How to get started, especially for someone who is new.  I offered a couple suggestions:

a)  Go to https://apex.oracle.com, and scroll down to the "Learn More" section, where there are links to documentation, tutorials, videos, hands-on-labs, etc.
b)  An Oracle employee mentioned that he took the APEX training class on Udemy, and for 7 hours of training, he thought it was pretty good.  I can't vouch for the training, and this isn't an official recommendation, but he thought it was worth his time and money.  He also said that while it's priced at $25, they often run specials for as low as $10.  https://www.udemy.com/create-web-apps-with-apex-5/

5)  Lastly, I showed Oracle’s community site for APEX, https://apex.oracle.com/community

I showed the numerous customer quotes we’ve received, and I put another plea out to attendees that, if you’re using APEX, please consider going through your management chain to get approvals for a quote.  At least ask.   There is no huge legal process involved, approvals can all be done via email.  The hard part is taking time out of your day job and pursuing this at your employer (or customer).  It will be a huge benefit to the entire APEX community.

P.S. I never showed it last night, but ODTUG also has a nice community site for APEX, at http://odtug.com/apex

Customer User Administration in Cloud Portal

Joshua Solomin - Thu, 2016-01-07 17:01
New in My Oracle Support December 2015 Release

The December 2015 My Oracle Support Release added Customer User Administrator (CUA) functionality to the Oracle Cloud Support portal. The change makes it much easier for customers using the Cloud Portal (including many Oracle MICROS and Oracle Hospitality customers) to manage user access and Support Identifier (SI) tasks.

If you are a CUA, you will be notified of current administrative tasks in the notification area in the top area of the Cloud Portal page. You can also click your name, then the Administration sub-link, and you'll be taken to the CUA information view in the Cloud Portal.

Notification icon
User Request View
Video Training

Review the video found in "Cloud Support Portal - How to Use the CUA Functionality" (Document 2072499.1).

You can also review existing trainings on how to perform common CUA tasks by visiting "Customer User Administrator (CUA) Roles and Responsibilities" (Document 1544004.2).

The Cloud Portal allows you to verify user approval actions and review Support Identifier notices. However, Cloud Portal does not fully support managing Support Identifier assignments and renewals. To perform these actions you will need to continue using the standard My Oracle Support portal for the time being. Review the video training linked above for more details.

Legal Entity Document Sequencing in Receivables

OracleApps Epicenter - Thu, 2016-01-07 02:55
You need to consider these points when you are trying setup Legal Entity Document Sequencing in Receivables You can set up your primary ledger to allow document sequencing at the legal entity level instead of at the ledger level. This means if you have more than one legal entity assigned to the same ledger, you […]
Categories: APPS Blogs

Next Generation Outline Extractor released

Tim Tow - Wed, 2016-01-06 23:21

In the last week or so, we placed an updated version of the Next Generation Outline Extractor on our website. This version provides support for some updated Essbase versions, including,, and More importantly, it addresses a bug where alias names were improperly associated with parent members when using the MaxL extraction source.. This bug was reported to us by a number of users and we are glad we were able to address it. Here is a list of the issues that were addressed:

2015.11.23 - Issue 1401 - Resolved an issue where only one alias table is exported when using MaxL as the extract source.

2015.11.23 - Issue 1402 - Resolved an issue where extracts using MaxL input and having members specified with Unicode may print incorrect characters in the output.

2015.11.23 - Issue 1403 - Resolved an issue where aliases and udas may have been improperly placed on parent members.

Please contact our support team if you have any issues.

Categories: BI & Warehousing

Happy New Year: The Zode In The Road

Floyd Teter - Wed, 2016-01-06 10:31
Happy New Year!  No predictions from me for 2016...we've all seen how poorly that works out.  No resolutions either (although I may open a fitness gym called "Resolutions"...the place converts into a bar at the end of January).   Instead, I simply leave you with the wisdom of Dr. Seuss; something to consider as you kick off the new year.

The Zode In The Road 

Did I ever tell you about the young Zode,
Who came to two signs at the fork in the road?
One said to Place One, and the other, Place Two.
So the Zode had to make up his mind what to do.
Well...the Zode scratched his chin, and his head, and his pants.
And he said to himself, "I'll be taking a chance
If I go to Place One.  Now that place may be hot!
And so how do I know if I'll like it or not?
On the other hand though, I'll be sort of a fool
If I go to Place Two and I find it too cool.
In that case I may catch a chill and turn blue!
So, maybe Place One is the best, not Place Two,
But then again, what if Place One is too high?
I may catch a terrible earache and die.
So Place Two may be best.  On the other hand though...
What might happen to me if Place Two is too low?
I might get some very strange pain in my toe!
So Place One may be best", and he started to go.
Then he stopped, and he said, "On the other hand though... .
On the other hand... On the other hand... On the other hand though...
And for 36 hours and one half that poor Zode
Made starts and stops at the fork in the road
Saying "Don't take a chance! No! You may not be right."
Then he got an idea that was wonderfully bright!
"Play safe!" cried the Zode. "I'll play safe, I'm no dunce!
I'll simply start out for both places at once!"
And that's how the Zode who would not take a chance
Got no place at all with a split in his pants.

So make this the year you take a few chances...


Subscribe to Oracle FAQ aggregator