CODEWITHSUNDEEP
oracle-databasestored-proceduresoracle11g
zaq
zaq

Reputation: 2661

Logging stored procedure access in Oracle

Is there an convenient way to log access to stored procedures from withing Oracle? I am a web developer and presently we are required to pass a variety of user info to many stored procedures so that those procedures can in turn call another procedure that logs access to the original stored procedure in a table.

For example if I want to call a procedure called get_movie(id) that will return a row from the movie table based on id, I would have to do something like this get_movie(username, domain, ip, id) so that the procedure can log the user/domain/ip of the web user who initiated the call to the procedure.

It seems like there must be a better way but my knowledge of Oracle is limited.

Upvotes: 0

Views: 1481

Answers (3)

Kevin Burton
Kevin Burton

Reputation: 11924

I would set the common parameters using a procedure and sys_context every time you get your connection

e.g:

CREATE OR REPLACE PROCEDURE set_context
(
    v_userid IN VARCHAR2,
    v_domain IN VARCHAR2,
    v_ip IN VARCHAR2,
    v_id IN VARCHAR2
)
AS
BEGIN 
    DBMS_SESSION.SET_CONTEXT('SESSIONCONTEXT', 'username', v_userid); 
    DBMS_SESSION.SET_CONTEXT('SESSIONCONTEXT', 'domain', v_domain); 
    DBMS_SESSION.SET_CONTEXT('SESSIONCONTEXT', 'ip', v_ip); 
    DBMS_SESSION.SET_CONTEXT('SESSIONCONTEXT', 'id', v_id); 
END;

and to query the values:

SELECT SYS_CONTEXT('SESSIONCONTEXT', 'username') FROM dual;

see: http://download.oracle.com/docs/cd/E14072_01/server.112/e10592/functions182.htm and

Is there a way to communicate application context to a DB connection in non-Sybase DB servers (similar to set_appcontext in Sybase)?

Upvotes: 3

user1049838
user1049838

Reputation:

Other option is to open an oracle user for every "end user" and grant them access to the schema where the business logic is. USe public synonyms.

Upvotes: 0

Nathan Feger
Nathan Feger

Reputation: 19506

It is probably impossible to do that. (warning many assumptions upcoming)

Primarily because the user from oracle's perspective is probably whatever user is connecting from your application to the database. Oracle certainly knows about the user connecting, but I would venture to guess that most if not all of your queries to the db are done through a single user configured in a properties file somewhere.

That is why these values need to be passed in, because the application has a connection to those users and can know their ip. However, the db doesn't as it is (hopefully) sectioned off from users connecting directly.

Upvotes: 0

Related Questions