Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Alter User in Stored Procedure

Re: Alter User in Stored Procedure

From: Matthias Kleinicke <Matthias.Kleinicke_at_gmx.de>
Date: Mon, 15 Aug 2005 19:34:41 +0200
Message-ID: <ddqj6n$5cn$1@online.de> 





Hi,



John Rose schrieb:


> I am using Oracle security for my application and would like to allow users 

> to change their own passwords without using SQLPlus.  I am attempting to use 

> "ALTER USER username IDENTIFIED BY newpassword REPLACE oldpassword" in a 

> stored procedure to provide this functionality, but it always gets an 

> insufficent priveleges error.  The users can change passwords freely at the 

> SQLPlus prompt, but cannot do the same via the procedure.

> 

> Does anyone have any ideas?

> 



the procedure must use caller rights. By default the procedure will run 
using all rights given to the owner of the procedure. I do not expect 
this owner to have right ALTER USER so the routine can not succeed.
If caller rights are used, the routine will use privileges of the caller 
especially changing the own password.



hth



Matthias



PS.: caller rights is an option on create procedure. see syntax in docu.
Received on Mon Aug 15 2005 - 12:34:41 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US