ORA-47401 while granting privilege on Database Vault protected object as object owner (Doc ID 1341292.1)

Last updated on NOVEMBER 22, 2016

Applies to:

Oracle Database Vault - Version 11.1.0.6 to 11.2.0.3 [Release 11.1 to 11.2]
Information in this document applies to any platform.

Symptoms


-- Database Vault is enabled in the database.

-- While granting access / SELECT privilege on a table as the owner of the table ORA-47401 error is reported.

SQL> connect arathy/******
Connected.
SQL> show user
USER is "ARATHY"
SQL> grant select on arathy.test to arathy_role;
grant select on arathy.test to arathy_role
*
ERROR at line 1:
ORA-47401: Realm violation for GRANT on ARATHY.TEST


-- The table, schema owning the table and the role to which the privilege is being granted have been added to the same realm that protects the table.

SQL> BEGIN
DVSYS.DBMS_MACADM.CREATE_REALM(
realm_name => 'Test_Realm',
description => 'Test',
enabled => DBMS_MACUTL.G_YES,
audit_options => 0);
END;
/

SQL> BEGIN
DVSYS.DBMS_MACADM.ADD_OBJECT_TO_REALM(
realm_name => 'Test_Realm',
object_owner => 'ARATHY',
object_name => 'TEST',
object_type => 'TABLE');
END;
/

SQL> BEGIN
DVSYS.DBMS_MACADM.ADD_AUTH_TO_REALM(
realm_name => 'Test_Realm',
grantee => 'ARATHY');
END;
/

SQL> BEGIN
DVSYS.DBMS_MACADM.ADD_OBJECT_TO_REALM(
realm_name => 'Test_Realm',
object_owner => 'SYS',
object_name => 'ARATHY_ROLE',
object_type => 'ROLE');
END;
/

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms