| Actions As SYS |
| Note: USERENV is an Oracle provided namespace that describes the current session. |
| Syntax |
SELECT sys_context('<namespace>', '<parameter>', <length>);
FROM DUAL; |
| |
| Attribute |
Return Value |
| ACTION |
Identifies the position in the module (application name) and is set through the DBMS_APPLICATION_INFO package or OCI. |
| SELECT sys_context('USERENV', 'ACTION') FROM DUAL;
exec dbms_application_info.set_action('INSERTING');
SELECT sys_context('USERENV', 'ACTION') FROM DUAL; |
| AUDITED_CURSORID |
Returns the cursor ID of the SQL that triggered the audit. This parameter is not valid in a fine-grained auditing environment. If you specify it in such an environment, Oracle Database always returns NULL. |
| AUTHENTICATED_IDENTITY |
Returns the identity used in authentication. In the list that follows, the type of user is followed by the value returned:
- Kerberos-authenticated enterprise user: kerberos principal name
- Kerberos-authenticated external user : kerberos principal name; same as the schema name
- SSL-authenticated enterprise user: the DN in the user's PKI certificate
- SSL-authenticated external user: the DN in the user's PKI certificate
- Password-authenticated enterprise user: nickname; same as the login name
- Password-authenticated database user: the database username; same as the schema name
- OS-authenticated external user: the external operating system user name
- Radius/DCE-authenticated external user: the schema name
- Proxy with DN : Oracle Internet Directory DN of the client
- Proxy with certificate: certificate DN of the client
- Proxy with username: database user name if client is a local database user; nickname if client is an enterprise user
- SYSDBA/SYSOPER using Password File: login name
- SYSDBA/SYSOPER using OS authentication: operating system user name
|
| AUTHENTICATION_DATA |
Data being used to authenticate the login user. For X.503 certificate authenticated sessions, this field returns the context of the certificate in HEX2 format.
Note: You can change the return value of the AUTHENTICATION_DATA attribute using the length parameter of the syntax. Values of up to 4000 are accepted. This is the only attribute of USERENV for which Oracle implements such a change. |
| AUTHENTICATION_METHOD |
Returns the method of authentication. In the list that follows, the type of user is followed by the method returned.
- Password-authenticated enterprise user, local database user, or SYSDBA/SYSOPER using Password File; proxy with username using password: PASSWORD
- Kerberos-authenticated enterprise or external user: KERBEROS
- SSL-authenticated enterprise or external user: SSL
- Radius-authenticated external user: RADIUS
- OS-authenticated external user or SYSDBA/SYSOPER: OS
- DCE-authenticated external user: DCE
- Proxy with certificate, DN, or username without using password: NONE
|
| BG_JOB_ID |
Job ID of the current session if it was established by an Oracle background process. Null if the session was not established by a background process. |
| CLIENT_IDENTIFIER |
Returns an identifier that is set by the application through the DBMS_SESSION.SET_IDENTIFIER procedure, the OCI attribute OCI_ATTR_CLIENT_IDENTIFIER, or the Java class Oracle.jdbc.OracleConnection.setClientIdentifier. This attribute is used by various database components to identify lightweight application users who authenticate as the same user. |
| SELECT sys_context('USERENV', 'CLIENT_IDENTIFIER') FROM DUAL;
exec dbms_session.set_identifier(USER || ' ' || SYSTIMESTAMP);
SELECT sys_context('USERENV', 'CLIENT_IDENTIFIER') FROM DUAL; |
| CLIENT_INFO |
Returns user session information that can be stored by an application using the DBMS_APPLICATION_INFO package. |
| SELECT sys_context('USERENV', 'CLIENT_INFO') FROM DUAL;
exec dbms_application_info.set_client_info('TEST');
SELECT sys_context('USERENV', 'CLIENT_INFO') FROM DUAL; |
| CURRENT_BIND |
The bind variables for fine-grained auditing |
| CURRENT_EDITION_ID |
The numeric identifier of the current edition |
| SELECT sys_context('USERENV', 'CURRENT_EDITION_ID') FROM DUAL; |
| CURRENT_EDITION_NAME |
The name of the current edition |
| SELECT sys_context('USERENV', 'CURRENT_EDITION_NAME') FROM DUAL; |
| CURRENT_SCHEMA |
Name of the default schema being used in the current schema. This value can be changed during the session with anALTER SESSION SET CURRENT_SCHEMA statement. |
| SELECT sys_context('USERENV', 'CURRENT_SCHEMA') FROM DUAL; |
| CURRENT_SCHEMAID |
Identifier of the default schema being used in the current session. |
| SELECT sys_context('USERENV', 'CURRENT_SCHEMAID') FROM DUAL;
SELECT user#
FROM sys.user$
WHERE name = USER; |
| CURRENT_SQL |
Returns the first 4K bytes of the current SQL that triggered the fine-grained auditing event. |
| CURRENT_SQLn |
CURRENT_SQLn attributes return subsequent 4K-byte increments, where n can be an integer from 1 to 7, inclusive. CURRENT_SQL1 returns bytes 4K to 8K; CURRENT_SQL2 returns bytes 8K to 12K, and so forth. You can specify these attributes only inside the event handler for the fine-grained auditing feature. |
| CURRENT_SQL_LENGTH |
The length of the current SQL statement that triggers fine-grained audit or row-level security (RLS) policy functions or event handlers. Valid only inside the function or event handler. |
| DB_DOMAIN |
Domain of the database as specified in the DB_DOMAIN initialization parameter. |
| SELECT sys_context('USERENV', 'DB_DOMAIN') FROM DUAL; |
| DB_NAME |
Name of the database as specified in the DB_NAME initialization parameter. |
| SELECT sys_context('USERENV', 'DB_NAME') FROM DUAL;
SELECT name, value
FROM gv$parameter
WHERE name LIKE 'db%name'; |
| DB_UNIQUE NAME |
Name of the database as specified in the DB_UNIQUE_NAME initialization parameter. |
| SELECT sys_context('USERENV', 'DB_UNIQUE_NAME') FROM DUAL;
SELECT name, value
FROM gv$parameter
WHERE name LIKE 'db%name'; |
| ENTRYID |
The available auditing entry identifier. You cannot use this option in distributed SQL statements. To use this keyword in USERENV, the initialization parameter AUDIT_TRAIL must be set to true. |
| ENTERPRISE_IDENTITY |
Returns the user's enterprise-wide identity:
- For enterprise users: the Oracle Internet Directory DN.
- For external users: the external identity (Kerberos principal name, Radius and DCE schema names, OS user name, Certificate DN).
- For local users and SYSDBA/SYSOPER logins: NULL.
The value of the attribute differs by proxy method:
- For a proxy with DN: the Oracle Internet Directory DN of the client
- For a proxy with certificate: the certificate DN of the client for external users; the Oracle Internet Directory DN for global users
- For a proxy with username: the Oracle Internet Directory DN if the client is an enterprise users; NULL if the client is a local database user.
|
| FG_JOB_ID |
Job ID of the current session if it was established by a client foreground process. Null if the session was not established by a foreground process. |
| GLOBAL_CONTEXT_MEMORY |
The number used in the System Global Area by the globally accessed context. |
| SELECT sys_context('USERENV', 'GLOBAL_CONTEXT_MEMORY') FROM DUAL; |
| GLOBAL_UID |
Returns the global user ID from Oracle Internet Directory for Enterprise User Security (EUS) logins; returns null for all other logins. |
| HOST |
Name of the host machine from which the client has connected. |
| SELECT sys_context('USERENV', 'HOST') FROM DUAL; |
| IDENTIFICATION_TYPE |
Returns the way the user's schema was created in the database. Specifically, it reflects the IDENTIFIED clause in the CREATE/ALTER USER syntax. In the list that follows, the syntax used during schema creation is followed by the identification type returned:
- IDENTIFIED BY password: LOCAL
- IDENTIFIED EXTERNALLY: EXTERNAL
- IDENTIFIED GLOBALLY: GLOBAL SHARED
- IDENTIFIED GLOBALLY AS DN: GLOBAL PRIVATE
|
| SELECT sys_context('USERENV', 'IDENTIFICATION_TYPE') FROM DUAL; |
| INSTANCE |
The instance identification number of the current instance. |
| SELECT sys_context('USERENV', 'INSTANCE') FROM DUAL; |
| INSTANCE_NAME |
The name of the instance. |
| SELECT sys_context('USERENV', 'INSTANCE_NAME') FROM DUAL; |
| IP_ADDRESS |
IP address of the machine from which the client is connected. |
| ISDBA |
TRUE if the session is SYS |
| SELECT sys_context('USERENV', 'ISDBA') FROM DUAL; |
| LANG |
The ISO abbreviation for the language name, a shorter form than the existing 'LANGUAGE' parameter. |
| SELECT sys_context('USERENV', 'LANG') FROM DUAL; |
| LANGUAGE |
The language and territory currently used by your session, along with the database character set, in the form:
language_territory.characterset. |
| SELECT sys_context('USERENV', 'LANGUAGE') FROM DUAL; |
| MODULE |
The application name (module) set through the DBMS_APPLICATION_INFO package or OCI. |
| SELECT sys_context('USERENV', 'MODULE') FROM DUAL; |
| NETWORK_PROTOCOL |
Network protocol being used for communication, as specified in the 'PROTOCOL=protocol' portion of the connect string. |
| NLS_CALENDAR |
The current calendar of the current session. |
| SELECT sys_context('USERENV', 'NLS_CALENDAR') FROM DUAL; |
| NLS_CURRENCY |
The currency of the current session. |
| SELECT sys_context('USERENV', 'NLS_CURRENCY') FROM DUAL; |
| NLS_DATE_FORMAT |
The date format for the session. |
| SELECT sys_context('USERENV', 'NLS_DATE_FORMAT') FROM DUAL; |
| NLS_DATE_LANGUAGE |
The language used for expressing dates. |
| SELECT sys_context('USERENV', 'NLS_DATE_LANGUAGE') FROM DUAL; |
| NLS_SORT |
BINARY or the linguistic sort basis. |
| SELECT sys_context('USERENV', 'NLS_SORT') FROM DUAL; |
| NLS_TERRITORY |
The territory of the current session. |
| SELECT sys_context('USERENV', 'NLS_TERRITORY') FROM DUAL; |
| OS_USER |
Operating system username of the client process that initiated the database session. |
| SELECT sys_context('USERENV', 'OS_USER') FROM DUAL; |
| POLICY_INVOKER |
The invoker of row-level security (RLS) policy functions. |
| PROXY_ENTERPRISE_IDENTITY |
Returns the Oracle Internet Directory DN when the proxy user is an enterprise user. |
| PROXY_GLOBAL_UID |
Returns the global user ID from Oracle Internet Directory for Enterprise User Security (EUS) proxy users; returns NULL for all other proxy users. |
| PROXY_USER |
Name of the database user who opened the current session on behalf of SESSION_USER. |
| PROXY_USERID |
Identifier of the database user who opened the current session on behalf of SESSION_USER. |
| SERVER_HOST |
The host name of the machine on which the instance is running. |
| SELECT sys_context('USERENV', 'SERVER_HOST') FROM DUAL; |
| SERVICE_NAME |
The name of the service to which a given session is connected. |
| SELECT sys_context('USERENV', 'SERVICE_NAME') FROM DUAL; |
| SESSION_USER |
Database user name by which the current user is authenticated. This value remains the same throughout the duration of the session. |
| SELECT sys_context('USERENV', 'SESSION_USER') FROM DUAL; |
| SESSION_USERID |
Identifier of the database user name by which the current user is authenticated. |
| SELECT sys_context('USERENV', 'SESSION_USERID') FROM DUAL; |
| SESSIONID |
The auditing session identifier. You cannot use this option in distributed SQL statements. This is the equivalent to the AUDSID column in gv$session. |
| SELECT sys_context('USERENV', 'SESSIONID') FROM DUAL; |
| SID |
The session number (different from the session ID). |
| SELECT sys_context('USERENV', 'SID') FROM DUAL; |
| STATEMENTID |
The auditing statement identifier. STATEMENTID represents the number of SQL statements audited in a given session. |
| TERMINAL |
The operating system identifier for the client of the current session. In distributed SQL statements, this option returns the identifier for your local session. In a distributed environment, this is supported only for remote SELECT statements, not for remote INSERT, UPDATE, or DELETE operations. (The return length of this parameter may vary by operating system.) |
| SELECT sys_context('USERENV', 'TERMINAL') FROM DUAL; |
| |
| Context Demo |
| User Created Contexts |
CREATE OR REPLACE CONTEXT App_Ctx using My_pkg
ACCESSED GLOBALLY;
CREATE OR REPLACE PACKAGE my_pkg IS
PROCEDURE set_session_id(p_session_id NUMBER);
PROCEDURE set_ctx(p_name VARCHAR2, p_value VARCHAR2);
PROCEDURE close_session(p_session_id NUMBER);
END;
/
CREATE OR REPLACE PACKAGE BODY my_pkg IS
g_session_id NUMBER;
PROCEDURE set_session_id(p_session_id NUMBER) IS
BEGIN
g_session_id := p_session_id;
dbms_session.set_identifier(p_session_id);
end set_session_id;
--===============================================
PROCEDURE set_ctx(p_name VARCHAR2, p_value VARCHAR2) IS
BEGIN
dbms_session.set_context('App_Ctx',p_name,p_value,USER,g_session_id);
END set_ctx;
--===============================================
PROCEDURE close_session(p_session_id ) IS
BEGIN
dbms_session.set_identifier(p_session_id);
dbms_session.clear_identifier;
END close_session;
--===============================================
END;
/
col var1 format a10
col var2 format a10
exec my_pkg.set_session_id(1234);
exec my_pkg.set_ctx('Var1', 'Val1');
exec my_pkg.set_ctx('Var2', 'Val2');
SELECT sys_context('app_ctx', 'var1') var1,
sys_context('app_ctx', 'var2') var2
FROM DUAL;
-- Now we'll log out/log in
-- At first, the context is empty-but we rejoin the session & there it is
disconnect
connect uwclass/uwclass
SELECT sys_context('app_ctx', 'var1') var1,
sys_context('app_ctx', 'var2') var2
FROM DUAL;
exec my_pkg.set_session_id(1234);
SELECT sys_context('app_ctx', 'var1') var1,
sys_context('app_ctx', 'var2') var2
FROM DUAL;
-- Now we'll show that this context is tied to our user (we specified
-- USER above, if we used null anyone can join this session).
grant execute on my_pkg to scott;
conn scott/tiger
exec uwclass.my_pkg.set_session_id(1234);
SELECT sys_context('app_ctx', 'var1') var1,
sys_context('app_ctx', 'var2') var2
FROM DUAL;
-- Return to the set context again and clear it
conn uwclass/uwclass
exec my_pkg.set_session_id(1234);
SELECT sys_context('app_ctx', 'var1') var1,
sys_context('app_ctx', 'var2') var2
FROM DUAL;
exec my_pkg.close_session(1234);
SELECT sys_context('app_ctx', 'var1') var1,
sys_context('app_ctx', 'var2') var2
FROM DUAL; |
