mod_plsql: Why A DAD Set Up With A User Without RESTRICTED SESSION Privilege Is Able To Log Into The Database When The Database Is Running In RESTRICTED MODE
Last updated on FEBRUARY 15, 2017
Applies to:Oracle HTTP Server - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
A mod_plsql application is able to access the database using the username and connect string specified in the DAD even when the database has been set to run in RESTRICTED MODE. When a database is set to operate in RESTRICTED MODE the expectation is just database users with the RESTRICTED SESSION privilege are able to log into the database. If the user specified in the DAD has not this privilege it should be unable to log in and return an ORA-1035 error instead.
When trying to access Database using a SQL tool like sqlplus or SQLDeveloper using the same DB user defined in the DAD the ORA-1035 is returned (as expected):
No changes at the Database level.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms