My Oracle Support Banner

mod_plsql: Why A DAD Set Up With A User Without RESTRICTED SESSION Privilege Is Able To Log Into The Database When The Database Is Running In RESTRICTED MODE (Doc ID 1618895.1)

Last updated on AUGUST 24, 2023

Applies to:

Oracle HTTP Server - Version and later
Information in this document applies to any platform.


A mod_plsql application is able to access the database using the username and connect string specified in the DAD even when the database has been set to run in RESTRICTED MODE. When a database is set to operate in RESTRICTED MODE the expectation is just database users with the RESTRICTED SESSION privilege are able to log into the database. If the user specified in the DAD has not this privilege it should be unable to log in and return an ORA-1035 error instead.

When trying to access Database using a SQL tool like sqlplus or SQLDeveloper using the same DB user defined in the DAD the ORA-1035 is returned (as expected):




 No changes at the Database level.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Solution 1
 Solution 2

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.