Received: (qmail 9208 invoked from network); 6 Sep 2012 17:23:54 -0500
Received: from freelists-180.iquest.net (HELO turing.freelists.org) (206.53.239.180)
  by static-ip-85-25-126-90.inaddr.ip-pool.com with SMTP; 6 Sep 2012 17:23:49 -0500
Received: from localhost (localhost [127.0.0.1])
 by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 1FC6DEE81FF;
 Thu,  6 Sep 2012 18:23:47 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=freelists.org;
 s=turing; t=1346970227; bh=KAIhnw+ShtvWgsTkG0Qjr+AEjNBn78aoEim1tUL4
 LNU=; h=From:To:Subject:Date:Message-ID:References:In-Reply-To:
	 Content-type:Content-Transfer-Encoding:MIME-Version:Sender:
	 Reply-To:List-help:List-unsubscribe:List-Id:List-subscribe:
	 List-owner:List-post:List-archive; b=fQmn0DPARRxEjMEa6GGK5gkvg7GJM
 RwARD05tcWz8BBRkz4bvS7I//lj+sM/y7eBQi7pQcgGALa81yraF8WNJpxQ2797lRcI
 pBBO8oBczEi4vgJkfN021MP8B7DJb2iSLJSD9bIazQLdmE8+rCzxoMy571RzXCa4QJg
 NeixDMQM=
X-Virus-Scanned: Debian amavisd-new at localhost.localdomain
Received: from turing.freelists.org ([127.0.0.1])
 by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id GX87PnHhwFNT; Thu,  6 Sep 2012 18:23:46 -0400 (EDT)
Received: from turing.freelists.org (localhost [127.0.0.1])
 by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 99499EE83BC;
 Thu,  6 Sep 2012 18:23:02 -0400 (EDT)
Received: with ECARTIS (v1.0.0; list oracle-l); Thu, 06 Sep 2012 18:22:21 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])
 by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id BBD5FEE8348
 for <oracle-l@freelists.org>; Thu,  6 Sep 2012 18:22:20 -0400 (EDT)
Received: from turing.freelists.org ([127.0.0.1])
 by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id zjFrvt2GVr9j for <oracle-l@freelists.org>;
 Thu,  6 Sep 2012 18:22:20 -0400 (EDT)
Received: from mail.amis.nl (mail.amis.nl [81.18.255.173])
 by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 4DF43EE832F
 for <oracle-l@freelists.org>; Thu,  6 Sep 2012 18:22:15 -0400 (EDT)
Received: from AMIS-EX01.AMIS.local ([fe80::60ed:5bbd:542a:e7d6]) by
 AMIS-EX01.AMIS.local ([fe80::60ed:5bbd:542a:e7d6%12]) with mapi id
 14.02.0318.001; Fri, 7 Sep 2012 00:21:07 +0200
From: Marco Gralike <Marco.Gralike@amis.nl>
To: "peter.schauss@ngc.com" <peter.schauss@ngc.com>, Wolfson Larry - lwolfs
 <lawrence.wolfson@acxiom.com>, "oracle-l@freelists.org"
 <oracle-l@freelists.org>
Subject: RE: Privileges for registering an XML schema
Thread-Topic: Privileges for registering an XML schema
Date: Thu, 6 Sep 2012 22:21:07 +0000
Message-ID: <4386DA87DA4D7C47813696F5B16DFDD59BF173@AMIS-EX01.AMIS.local>
References: <8AE45871F749FC4CBBE053CF2F8A493C0CFB390F@XMBVAG74.northgrum.com>
 <EDA437CAA8612C418E013CDA4B4A7551EC5A7CF7@CWYIGMBCRP01.Corp.Acxiom.net>,<8AE45871F749FC4CBBE053CF2F8A493C0CFB3F1B@XMBVAG74.northgrum.com>
In-Reply-To: <8AE45871F749FC4CBBE053CF2F8A493C0CFB3F1B@XMBVAG74.northgrum.com>
Accept-Language: en-US, nl-NL
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.21.121.250]
Content-type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
X-archive-position: 44686
X-ecartis-version: Ecartis v1.0.0
Sender: oracle-l-bounce@freelists.org
Errors-to: oracle-l-bounce@freelists.org
X-original-sender: Marco.Gralike@amis.nl
Precedence: normal
Reply-To: Marco.Gralike@amis.nl
List-help: <mailto:ecartis@freelists.org?Subject=help>
List-unsubscribe: <oracle-l-request@freelists.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: oracle-l <oracle-l.freelists.org>
X-List-ID: oracle-l <oracle-l.freelists.org>
List-subscribe: <oracle-l-request@freelists.org?Subject=subscribe>
List-owner: <mailto:steve.adams@ixora.com.au>
List-post: <mailto:oracle-l@freelists.org>
List-archive: <http://www.freelists.org/archives/oracle-l>
X-list: oracle-l

You don't need the ANY privilege and/or even DIRECTORY stuff. That's only needed if you get your XML Schema content from the server via a BFILENAME construct. Alternative methods for getting the content of the XML Schema (XSD) is by providing the whole content or via getting it out of the XDB Repository via XDBUriTpe method.

Also XDBADMIN is not needed if you don't need to register your XSD for all to see, that is 


LOCAL => FALSE,

in DBMS_XMLSCHEMA.registerSchema. XSD's are protected by ACL's that is via the underlying VPD database methods. By user LOCAL => TRUE a database DBA role can not see the content by default.

M.

________________________________________
From: oracle-l-bounce@freelists.org [oracle-l-bounce@freelists.org] on behalf of Schauss, Peter (ESS) [peter.schauss@ngc.com]
Sent: Wednesday, August 29, 2012 16:21
To: Wolfson Larry - lwolfs; oracle-l@freelists.org
Subject: RE: Privileges for registering an XML schema

Larry,

Thanks for the help.  I added the privileges one at a time and kept retrying.  It finally worked after I added RESOURCE.  RESOURCE is a role which grants multiple system privileges, so I looked up what it grants and compared it to the objects which were created when I registered the schema.  My first guess is that the missing privilege was CREATE TRIGGER.  After I get all of this stuff working, I will try to go back and refine the actual privileges needed.

-Peter Schauss



-----Original Message-----
From: Wolfson Larry - lwolfs [mailto:lawrence.wolfson@acxiom.com]
Sent: Tuesday, August 28, 2012 4:43 PM
To: Schauss, Peter (ESS); oracle-l@freelists.org
Subject: RE: Privileges for registering an XML schema

We just had someone go through this and Think you need all of these

GRANT ALTER  SESSION     TO &&USER;
GRANT CREATE SESSION     TO &&USER;
GRANT CREATE SYNONYM     TO &&USER;
GRANT CREATE TABLE       TO &&USER;
GRANT CREATE TYPE        TO &&USER;
GRANT CREATE VIEW        TO &&USER;
GRANT DROP ANY DIRECTORY TO &&USER;
GRANT RESOURCE           TO &&USER;

  Hope that helps,
    Larry

-----Original Message-----
From: oracle-l-bounce@freelists.org [mailto:oracle-l-bounce@freelists.org] On Behalf Of Schauss, Peter (ESS)
Sent: Tuesday, August 28, 2012 9:57 AM
To: oracle-l@freelists.org
Subject: Privileges for registering an XML schema

This is Oracle 11.2.0.3 running on AIX 5.3.

Following the example in the "Using Oracle XML DB" I run:

BEGIN
DBMS_XMLSCHEMA.registerSchema(
SCHEMAURL => 'http://local_host:8080/xdb/documentation/MY_Schema.xsd',
SCHEMADOC => bfilename('XML_FILES','MY_Schema.xsd'),
LOCAL => TRUE,
GENTYPES => TRUE,
GENTABLES => TRUE,
CSID => nls_charset_id('WE8ISO8859P1')); END;

And get:

ORA-31061: XDB error: DBMS_XDBZ.ENABLE_HIERARCHY
ORA-06512: at "XDB.DBMS_XDBZ0", line 131
ORA-06512: at "XDB.DBMS_XDBZ0", line 588
ORA-01031: insufficient privileges
ORA-06512: at "XDB.DBMS_XDBZ", line 37
ORA-06512: at line 1
ORA-06512: at "XDB.DBMS_XMLSCHEMA_INT", line 37
ORA-06512: at "XDB.DBMS_XMLSCHEMA", line 65
ORA-06512: at "XDB.DBMS_XMLSCHEMA", line 136
ORA-06512: at line 2

My user has the following privileges:

create table
create any directory
xdbadmin
create view
create type

MOS says that xdbadmin is the only privilege I need to run this stored procedure.  What am I missing?

Thanks,
Peter Schauss
--
http://www.freelists.org/webpage/oracle-l


***************************************************************************
The information contained in this communication is confidential, is intended only for the use of the recipient named above, and may be legally privileged.

If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.

If you have received this communication in error, please resend this communication to the sender and delete the original message or any copy of it from your computer system.

Thank You.
****************************************************************************

--
http://www.freelists.org/webpage/oracle-l


--
http://www.freelists.org/webpage/oracle-l