TechQA.

ORA-24247 ACL access denied in oracle 11g even after configuring ACL

3.1k views Asked by At

I have a case where a user should access a specific url inside a local network of the form 192.168.19.*. Although he has the appropriate grants on EXECUTE for UTL_HTTP and priviledges in acl list, still he can't access the urls allowed in the list.

Specifically, I have created my ACL as sys dba

BEGIN
 dbms_network_acl_admin.create_acl(
      acl => 'acl_name.xml',
      description => 'ACL description',
      principal => 'MYUSER', 
      is_grant => TRUE, 
      privilege => 'connect');
 commit;
dbms_network_acl_admin.assign_acl (
     acl => 'acl_name.xml',
     host => '192.168.19.*',
     lower_port => 1,
     upper_port => 9999);          
commit;
END;
/

Running the following as sys,

SELECT acl, principal, privilege, is_grant
FROM   dba_network_acl_privileges;

I get

ACL                     PRINCIPAL PRIVILEGE       IS_GRANT
----------------------- --------- --------------- --------
/sys/acls/acl_name.xml  MYUSER    connect         true

Connected as MYUSER and running the following query, 

 SELECT host, lower_port, upper_port, privilege, status
 FROM   user_network_acl_privileges;

i get

 HOST               LOWER_PORT UPPER_PORT PRIVILEGE STATUS                  
 ------------------ ---------- ---------- --------- -------
 192.168.19.*       1          9999       connect   GRANTED

so MYUSER who is granted with EXECUTE on UTL_HTTP, when tries to connect to the desired url like:

 select utl_http.request('http://192.168.19.202:7101/gdc') from dual;

gets:

 [Error] Execution (1: 8): ORA-29273: HTTP request failed
 ORA-06512: at "SYS.UTL_HTTP", line 1720
 ORA-24247: network access denied by access control list (ACL)
 ORA-06512: at line 1

I have tried to drop and recreate the list with no luck, tried to assign resolve priviledge also but still he can't go through ACL.

Am I missing something that prevents user from being able to call this url?

My verion info is:

 BANNER                                                                          
 -------------------------------------------------------------------------
 Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production    
 PL/SQL Release 11.2.0.4.0 - Production                                          
 CORE   11.2.0.4.0  Production                                                      
 TNS for IBM/AIX RISC System/6000: Version 11.2.0.4.0 - Production               
 NLSRTL Version 11.2.0.4.0 - Production                                          

 5 rows selected.
oracle oracle11g acl access-denied ora-24247
Original Q&A
0

There are 0 answers

Related Questions in ORACLE

Related Questions in ORACLE11G

Related Questions in ACL

Related Questions in ACCESS-DENIED

Related Questions in ORA-24247

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions