Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞
Recently, a lot of people in the group discussed Oracle security issues, and today I found some information to learn
Gets some of the properties of the Oracle current session (useful for SQL injection environmental judgments)
The Sys_context function returns the property value associated with the context namespace. This function can be used in SQL and PL/SQL statements.
Note: Sys_context returns properties for the duration of the user session, so you cannot use it in parallel queries or in real-time application of the cluster environment.
For namespaces and variables, you can define them as constant strings, or you can define a variable to replace a namespace or a string of attributes. The namespace must have been defined in the database and the associated parameters and values have been assigned to Dbms_session. The namespace must be a valid SQL identifier. The variable name can be any string. They are case-insensitive, but cannot exceed 30 bytes in length.
The data type returned by the function is VARCHAR2, and the default maximum length of the regression value is 256 bytes. You can also modify the default length value by setting the function parameter length. The valid length range for a value is 1 to 4000 bytes. (If you specify a value that is not in this range, Oracle will use the lack of governor degree.) )
Oracle9i provides a built-in "USERENV" namespace to represent the current session information. The predefined parameters of the namespace are table 1, and the last column of the table identifies the length of the return value.
I found it on the Internet.
Data being used to authenticate the login user. For x.503 certificate authenticated sessions, this field returns the "context of" the certificate in HEX2 format.
Note:you can change the return value of the authentication_data using the length parameter of the syntax. Values of up to 4000 are accepted. This is the attribute of USERENV to which Oracle implements such a change.
How the user was authenticated:
os:operating System External user authentication
Network:network protocol or ANO authentication
PROXY:OCI Proxy Connection authentication
Job ID of the current session if it is established by an Oracle background process. Null if the session is not established by a background process.
Returns up to bytes of user sessions information that can is stored by a application using the Dbms_application_info PA Ckage.
Name of the default schema being used in the current schema. This value can is changed during the session with a alter session SET CURRENT_SCHEMA statement.
Identifier of the default schema being used in the current session.
The name of the user whose privilege is under.
User ID of the user whose privilege the current session is under
Domain of the database as specified in the Db_domain initialization parameter.
Name of the database as specified in the db_name initialization parameter
The available auditing entry identifier. You are cannot use this option in distributed SQL statements. To the keyword in USERENV, the initialization parameter Audit_trail must is set to true.
External name of the database user. For SSL authenticated sessions a using v.503 certificates, this field returns the distinguished name (DN) stored in the user Certificate.
Job ID of the current session if it is established by a client foreground process. Null if the session is not established by a foreground process.
The Name of the host machine from which the client has connected.
The instance identification number of the current instance.
IP address to the machine from which, the client is connected.
TRUE If you are currently have the DBA role enabled and FALSE.
The ISO abbreviation for the language name, a shorter form than the existing ' language ' parameter.
The language and territory currently used by your sessions, along with the database character set, in this form:
Network protocol being used for communication, as specified in the ' protocol=protocol ' portion of the ' connect string.
The current calendar is session.
The currency of the current session.
The date format for the session.
The language used for expressing dates.
BINARY or the linguistic sort basis.
The territory of the current session.
Operating system username of the client process that initiated the database session
Name of the database user who opened the "current sessions on" behalf of Session_user.
Identifier of the database user who opened the "current session" on behalf of Session_user.
The Database user name by which the "Current user" is authenticated. This value remains the duration of the same throughout.
Identifier of the database user name by which the "Current user" is authenticated.
The auditing session identifier. You are cannot use this option in distributed SQL statements.
The operating system identifier for the "client" session. In distributed SQL statements, this option returns the identifier for your local session. In a distributed environment, this is supported only for remote SELECT statements, not for remote insert, UPDATE, or delet E operations. (The return length of this parameter could vary by operating system.)
This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or
reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or
complaint, to firstname.lastname@example.org. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
and provide relevant evidence. A staff member will contact you within 5 working days.