mod_plsql: Why A DAD Set Up With A User Without RESTRICTED SESSION Privilege Is Able To Log Into The Database When The Database Is Running In RESTRICTED MODE (Doc ID 1618895.1)

Last updated on AUGUST 24, 2023

Applies to:

Oracle HTTP Server - Version 11.1.1.2.0 and later
Information in this document applies to any platform.

Symptoms

A mod_plsql application is able to access the database using the username and connect string specified in the DAD even when the database has been set to run in RESTRICTED MODE. When a database is set to operate in RESTRICTED MODE the expectation is just database users with the RESTRICTED SESSION privilege are able to log into the database. If the user specified in the DAD has not this privilege it should be unable to log in and return an ORA-1035 error instead.

When trying to access Database using a SQL tool like sqlplus or SQLDeveloper using the same DB user defined in the DAD the ORA-1035 is returned (as expected):

Changes

No changes at the Database level.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

mod_plsql: Why A DAD Set Up With A User Without RESTRICTED SESSION Privilege Is Able To Log Into The Database When The Database Is Running In RESTRICTED MODE (Doc ID 1618895.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!