If ACL is NULL, any ACL assigned to the host is unassigned. username is case-insensitive unless it is quoted (for example, principal_name => '"PSMITH"'). AWS: Specifies the Amazon Simple Storage Service (S3) scheme. Table 122-4 ADD_PRIVILEGE Function Parameters, Name of the ACL. Oracle Database Real Application Security Administrator's and Developer's Guide, "Managing Fine-grained Access to External Network Services". When specifying a TCP port range of a host, it cannot overlap with other existing port ranges of the host. You can create the wallet using the Oracle Database mkstore utility or Oracle Wallet Manager. ORA-24247: acceso de red denegado por la lista de control de acceso (ACL) ORA-06512: en "SYS.UTL_INADDR", lnea 19 ORA-06512: en "SYS.UTL_INADDR", lnea 40 ORA-06512: en lnea 1 24247. The order is important because ACEs are evaluated in the given order. Configuring fine-grained access control to Oracle wallets to make HTTP requests that require password or client-certificate authentication. Table 122-20 UNASSIGN_ACL Function Parameters. Users are discouraged from setting a host's ACL manually. You can use a wildcard to specify a domain or a IP subnet. Table 115-11 CHECK_PRIVILEGE Function Parameters. A wildcard can be used to specify a domain or a IP subnet. Oracle Database first selects the access control list assigned to port 80 through 99 at server.us.example.com, ahead of the other access control list assigned to server.us.example.com that is without a port range. wallet_password: Enter the password used to open the wallet. Start date of the access control entry (ACE). User to check against. For example, ::ffff:192.0.2.1 is equivalent to 192.0.2.1, and ::ffff:192.0.2.1/120 is equivalent to 192.0.2.*. I have an Apex 19 installation runinng on 11.2.0.4. The host can be the name or the IP address of the host. When specified, the ACE expires after the specified date. If the protected URL being requested requires the user name and password to authenticate, then you can use the SET_AUTHENTICATION_FROM_WALLET procedure to set the user name and password from the wallet to authenticate. The DBMS_NETWORK_ACL_ADMIN.REMOVE_HOST_ACE procedure can be used to revoke external network privileges. Table 122-15 DROP_ACL Procedure Parameters. If a NULL value is given, the deletion is applicable to both granted or denied privileges. Case sensitive. Start date of the access control entry (ACE). The end_date must be greater than or equal to the start_date. To remove the ACE, use the REMOVE_WALLET_ACE Procedure. request_context: Enter the name of the request context object that you created earlier in this section. So for a given host, for example, "www.us.example.com", the following domains are listed in decreasing precedences: In the same way, the ACL assigned to an subnet takes a lower precedence than the other ACLs assigned smaller subnets, which take a lower precedence than the ACLs assigned to the individual IP addresses. Table 115-9 ASSIGN_ACL Function Parameters. The chapter contains the following topics: Summary of DBMS_NETWORK_ACL_ADMIN Subprograms, For more information, see "Managing Fine-grained Access to External Network Services" in Oracle Database Security Guide. When specified, the ACE is valid only on and after the specified date. To remove the assignment, use the UNASSIGN_WALLET_ACL Procedure. [DEPRECATED] Assigns an access control list (ACL) to a wallet, [DEPRECATED] Checks if a privilege is granted or denied the user in an access control list (ACL), [DEPRECATED] Checks if a privilege is granted to or denied from the user in an ACL by specifying the object ID of the access control list, [DEPRECATED] Creates an access control list (ACL) with an initial privilege setting, [DEPRECATED] Deletes a privilege in an access control list (ACL), [DEPRECATED] Drops an access control list (ACL), Removes privileges from access control entries (ACE) in the access control list (ACL) of a network host matching the given ACE, Removes privileges from access control entries (ACE) in the access control list (ACL) of a wallet matching the given ACE, Sets the access control list (ACL) of a network host which controls access to the host from the database, Sets the access control list (ACL) of a wallet which controls access to the wallet from the database, [DEPRECATED] Unassigns the access control list (ACL) currently assigned to a network host, [DEPRECATED] Unassigns the access control list (ACL) currently assigned to a wallet. The ACL has no access control effect unless it is assigned to the network target. [DEPRECATED] Assigns an access control list (ACL) to a host computer, domain, or IP subnet, and if specified, the TCP port range. Lower bound of a TCP port range if not NULL. The path is case-sensitive and of the format file:directory-path. The start_date will be ignored if the privilege is added to an existing ACE. ACLs are used to control access by users to external network services and resources from the database through PL/SQL network utility packages including UTL_TCP , UTL_HTTP , UTL_SMTP and UTL_INADDR . When specified, the ACE will be valid only on and after the specified date. Managing User Authentication andAuthorization. The DBMS_NETWORK_ACL_UTILITY package contains functions to help determine possible matching domains. The default is NULL, which is used for auto-login wallets. The host or domain name is case-insensitive. Oracle 11g New Features Tips. The ACL has no access control effect unless it is assigned to the network target. The DOMAINS table function returns a collection of all possible references that may affect the specified host, domain, IP address or subnet, in order of precedence. Table 122-14 DELETE_PRIVILEGE Function Parameters, Principal (database user or role) for whom all the ACE will be deleted. An ACL, as the name implies, is simply a list of who can access what, and with which privileges. A wallet's ACL is created and set on-demand when an access control entry (ACE) is appended to the wallet's ACL. The DBMS_NETWORK_ACL_ADMIN package defines constants to use specifying parameter values. Goal This note describes the package DBMS_NETWORK_ACL_ADMIN (new to 11.x) with some examples on how to manually set and check privileges. Oracle provide the DBMS_NETWORK_ACL_ADMIN and DBMS_NETWORK_ACL_UTILITY packages to allow ACL management from PL/SQL. To remove the ACE, use REMOVE_WALLET_ACE. To remove an access control list assignment, use the UNASSIGN_ACL Procedure. The host, which can be the name or the IP address of the host. Table 115-8 APPEND_WALLET_ACL Function Parameters. Users can query the USER_HOST_ACES data dictionary view to check their network and domain permissions. You can use a wildcard to specify a domain or a IP subnet. The syntax for the DBMS_NETWORK_ACL_ADMIN.APPEND_WALLET_ACE procedure is as follows: wallet_path: Enter the path to the directory that contains the wallet that you created in Step 1: Create an Oracle Wallet. This function checks if a privilege is granted to or denied from the user in an ACL by specifying the object ID of the access control list. The end_date will be ignored if the privilege is added to an existing ACE. The host can be the name or the IP address of the host. An Oracle wallet can use both standard and PKCS11 wallet types, as well as being an auto-login wallet. Table 101-12 CHECK_PRIVILEGE_ACLID Function Parameters. A wildcard can be used to specify a domain or a IP subnet. The host can be the name or the IP address of the host. A host's ACL is created and set on-demand when an access control entry (ACE) is appended to the host's ACL. The host or domain name is case-insensitive. To resolve a host name that was given a host IP address, or the IP address that was given a host name, with the UTL_INADDR package, grant the database user the resolve privilege. DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE failing with an ORA-19279 (Doc ID 1464559.1) Last updated on JANUARY 30, 2022 Applies to: Oracle Database - Enterprise Edition - Version 11.2.0.1 to 11.2.0.3 [Release 11.2] Information in this document applies to any platform. Understanding DBMS_NETWORK_ACL_ADMIN With Example (Doc ID 1080105.1) Last updated on JULY 19, 2022 Applies to: PL/SQL - Version 11.1.0.7 and later Information in this document applies to any platform. These passwords and client certificates are stored in an Oracle wallet. Example 10-6 Configuring ACL Access Using Passwords in a Non-Shared Wallet. Use the procedures in this chapter to reconfigure the network access for the application. If the ACL is shared with another host or wallet, a copy of the ACL is made before the ACL is modified. The steps to re-produce the problem: Create new PDB as CDB SYS user Creating a PDB Using the Seed create pluggable database test1 admin user test1admin identified by test1admin roles = (DBA) file_name_convert = ('/pdbseed/', '/test1/') ; alter pluggable database test1 open; Log in to PDB as test1admin and create new local non-administrative user Oracle Database Real Application Security Administrator's and Developer's Guide, "Managing Fine-grained Access to External Network Services". Before you can debug Java PL/SQL procedures, you must be granted the jdwp ACL privilege. DBMS_NETWORK_ACL_ADMIN Database Oracle Oracle Database Release 19 PL/SQL Table of Contents Search Download Oracle Database PL/SQL 1 PL/SQL 2 Oracle Application ExpressAPEX_APPLICATIONAPEX_ZIP 3 CTX_ADM 4 CTX_ANL 5 CTX_CLS 6 CTX_DDL 7 CTX_DOC It can be used in conjunction with the DBA_HOST_ACE view to determine the users and their privilege assignments to access a network host.For example, for access to www.us.example.com: For example, for HQ_DBA's own permission to access to www.us.example.com: This table lists and briefly describes the DBMS_NETWORK_ACL_ADMIN package subprograms. The end_date must be greater than or equal to the start_date. This deprecated procedure unassigns the access control list (ACL) currently assigned to a network host. Appends an access control entry (ACE) to the access control list (ACL) of a network host. Operations are called privileges. The following example grants the use_passwords privilege to the, /* 3. This procedure assigns an access control list (ACL) to a wallet. Solution The ACL controls access to the given wallet from the database and the ACE specifies the privileges granted to or denied from the specified principal. Database administrators can use the DBA_HOST_ACES data dictionary view to query network privileges that have been granted to or denied from database users and roles in the access control lists, and whether those privileges take effect during certain times only. When specifying a TCP port range of a host, it cannot overlap with other existing port ranges of the host.- If the ACL is shared with another host or wallet, a copy of the ACL will be made before the ACL is modified. This procedure assigns an access control list (ACL) to a host computer, domain, or IP subnet, and if specified, the TCP port range. Host to which the ACL is to be assigned. Your steps look fine, so most likely cause is a name resolution one. Configuring fine-grained access control for users and roles that need to access external network services from the database. Table 101-2 DBMS_NETWORK_ACL_ADMIN Exceptions. This procedure unassigns the access control list (ACL) currently assigned to a wallet. An ACL must have at least one privilege setting. However, Oracle Database does not drop the access control list. If the ACL is shared with another host or wallet, a copy of the ACL will be made before the ACL is modified. When you assign a new access control list to a network target, Oracle Database unassigns the previous access control list that was assigned to the same target. The procedure remains available in the package only for reasons of backward compatibility. (Contact Amazon for more information about this setting.). If NULL, lower_port is assumed. Table 115-5 APPEND_HOST_ACE Function Parameters. This document explains how to setup ACL on 12c and later. Directory path of the wallet. Users or roles are called principals. A database user needs the connect privilege to an external network host computer if he or she is connecting using the UTL_TCP, UTL_HTTP, UTL_SMTP, and UTL_MAIL utility packages. Network privilege to be granted or denied - 'connect | resolve' (case sensitive). For example, you can configure applications to use the credentials stored in the wallets instead of hard-coding the credentials in the applications. Name of the ACL. Directory path of the wallet to which the ACL is assigned. */, /* 2. Guide for compatibility issues for applications that depend on the PL/SQL network utility packages. Oracle Database provides data data dictionary views that you can use to find information about existing access control lists. Appends access control entries (ACE) of an access control list (ACL) to the ACL of a network host, Appends an access control entry (ACE) to the access control list (ACL) of a wallet, Appends access control entries (ACE) of an access control list (ACL) to the ACL of a wallet. Port Range Limitation in 19c when assigning ACL via dbms_network_acl_admin.assign_acl. ACLs are used to control access by users to external network services and resources from the database through PL/SQL network utility packages including UTL_TCP , UTL_HTTP , UTL_SMTP and UTL_INADDR . begin dbms_network_acl_admin.assign_acl ( acl => 'gmail.xml', host => '*'); end; However, then the Oracle DB can connect to any server on any port, so for security reasons you should use it only for testing (unless you have external firewall between your Oracle server and the internet) * for IPv4 addresses that belong to an IP subnet. Grant the use_client_certificates and use_passwords privileges for wallet file:/example/wallets/hr_wallet to SCOTT. Lower bound of an optional TCP port range. Table 115-21 UNASSIGN_WALLET_ACL Procedure Parameters, Name of the ACL. If host is NULL, the ACL will be unassigned from any host. The host can be the name or the IP address of the host. Network privilege to be granted or denied. Relative path will be relative to "/sys/acls". Returns 1 when the privilege is granted; 0 when the privilege is denied; NULL when the privilege is neither granted or denied. Name of the ACL. This feature enhances security for network connections because it restricts the external network hosts that a database user can connect to using the PL/SQL network utility packages UTL_TCP, UTL_SMTP, UTL_MAIL, UTL_HTTP, and UTL_INADDR; the DBMS_LDAP and DBMS_DEBUG_JDWP PL/SQL packages; and the HttpUriType type. For example, *.example.com is valid, but *example.com and *.example. For detailed information about how the IPv4 and IPv6 notation works with Oracle Database, see Oracle Database Net Services Administrator's Guide. To remove an access control list assignment, use the UNASSIGN_ACL Procedure. Principal (database user or role) to whom the privilege is granted or denied. The access control list assigned to a domain has a lower precedence than those assigned to the subdomains.For example, Oracle Database first selects the access control list assigned to the host server.us.example.com, ahead of other access control lists assigned to its domains. Create and Configure ACLs in Oracle database - ORACLEAGENT BLOG ORACLEAGENT BLOG Share and Learn together with oracle technology -- Ramkumar HOME SCRIPTS 19C RMAN CONCEPTS 21c Features UPGRADE 19c DATABASE EBS DATABASE 12.2 CLOUD DBA concepts DATAGUARD MULTITENANT PATCH ABOUT ME This procedure appends an access control entry (ACE) to the access control list (ACL) of a network host. Previously, we would assgn a particular rule with a range of lower => 80 and higher => 65535. When specified, the ACE expires after the specified date. You must specify PTYPE_DB because the principal_type value defaults to PTYPE_XS, which is used to specify an Oracle Database Real Application Security application user. Relative path will be relative to "/sys/acls". If acl is NULL, any ACL assigned to the wallet is unassigned. The DBMS_NETWORK_ACL_ADMIN and UTL_HTTP PL/SQL packages can configure ACL access using passwords in a non-shared wallet. Shows the status of the network privileges for the current user to access network hosts. This procedure assigns an access control list (ACL) to a wallet. If the ACL is shared with another host or wallet, a copy of the ACL is made before the ACL is modified. Oracle provides DBA-specific data dictionary views to find information about privilege assignments. Configuring Access Control to an Oracle Wallet Fine-grained access control for Oracle wallets provide user access to network services that require passwords or certificates. Start date of the access control entry (ACE). Table 101-16 REMOVE_HOST_ACE Function Parameters, Whether to remove the ACL when it becomes empty when the ACE is removed. Table 115-19 SET_WALLET_ACL Function Parameters. Only one ACL can be assigned to any host computer, domain, or IP subnet, and if specified, the TCP port range. Network privilege to be deleted. Example 10-4 grants to a database role (acct_mgr) but denies a particular user (psmith) even if he has the role. * are not. Upper bound of a TCP port range. Principal (database user or role) to whom the privilege is granted or denied. Oracle Database provides PL/SQL packages and types for fine-grained access to control access to external network services and wallets. The NETWORK_ACL_ADMIN package provides the interface to administer the network access control lists (ACL). This procedure deletes a privilege in an access control list. Table 115-13 CREATE_ACL Procedure Parameters. Table 101-7 APPEND_WALLET_ACE Function Parameters. This procedure appends access control entries (ACE) of an access control list (ACL) to the ACL of a wallet. When specifying a TCP port range of a host, it cannot overlap with other existing port ranges of the host.- If the ACL is shared with another host or wallet, a copy of the ACL will be made before the ACL is modified. Only one ACL can be assigned to any host computer, domain, or IP subnet, and if specified, the TCP port range. It is a list of access control entries to restrict the hosts that are allowed to connect to the Oracle database. The host can be the name or the IP address of the host. Example 10-5 shows how the DBA_HOST_ACES data dictionary view displays the privilege granted in the previous access control list. The UTL_HTTP package makes Hypertext Transfer Protocol (HTTP) callouts from SQL and PL/SQL. If additional access control lists were assigned to the sub domains, their order of precedence is as follows: Similarly, for multiple access control lists that are assigned to the IP address (both IPv4 and IPv6) and the subnets it belongs to, the access control list that is assigned to the IP address takes precedence over those assigned to the subnets. You can configure access control to grant access to passwords and client certificates. Network privilege to be deleted. Table 122-12 CHECK_PRIVILEGE_ACLID Function Parameters. For a given IP address, say 192.168.0.100, the following subnets are listed in decreasing precedence: An ACE with a "resolve" privilege can be appended only to a host's ACL without a port range. End date of the access control entry (ACE). This is my code (connected as sys as sysdba): declare l_username varchar2(30) := 'APEX_190200. The DBMS_NETWORK_ACL packages configures access control for external network services. port_number enables you to specify a range of ports. [DEPRECATED] Assigns an access control list (ACL) to a wallet, [DEPRECATED] Checks if a privilege is granted or denied the user in an access control list (ACL), [DEPRECATED] Checks if a privilege is granted to or denied from the user in an ACL by specifying the object ID of the access control list, [DEPRECATED] Creates an access control list (ACL) with an initial privilege setting, [DEPRECATED] Deletes a privilege in an access control list (ACL), [DEPRECATED] Drops an access control list (ACL), Removes privileges from access control entries (ACE) in the access control list (ACL) of a network host matching the given ACE, Removes privileges from access control entries (ACE) in the access control list (ACL) of a wallet matching the given ACE, Sets the access control list (ACL) of a network host which controls access to the host from the database, Sets the access control list (ACL) of a wallet which controls access to the wallet from the database, [DEPRECATED] Unassigns the access control list (ACL) currently assigned to a network host, [DEPRECATED] Unassigns the access control list (ACL) currently assigned to a wallet. BEGIN DBMS_NETWORK_ACL_ADMIN.CREATE_ACL This procedure appends access control entries (ACE) of an access control list (ACL) to the ACL of a network host. Upper bound of a TCP port range. Directory path of the wallet to which the ACL is to be assigned. The default is null, which means that there is no port restriction (that is, the ACL applies to all ports). Example 10-9 shows how user preston can check her privileges to connect to www.us.example.com. The ACL has no access control effect unless it is assigned to the network target. Relative path will be relative to "/sys/acls". Oracle Database Exadata Express Cloud Service - Version N/A and later Information in this document applies to any platform. In this example, the TRUE setting for remove_empty_acl removes the ACL when it becomes empty when the wallet ACE is removed. You can configure user access to external network services and wallets through a set of PL/SQL packages and one type. Name of the ACL. Only one ACL can be assigned to any host computer, domain, or IP subnet, and if specified, the TCP port range. Shows the access control list assignments to the network hosts. You must include file: before the directory path. Table 101-10 ASSIGN_WALLET_ACL Procedure Parameters. Table 122-5 APPEND_HOST_ACE Function Parameters. SQL> create user demo identified by demo 2 default tablespace users 3 quota unlimited on users; User created. If you have not been granted the jdwp ACL privilege, then when you try to debug your Java and PL/SQL stored procedures from a remote host, the following errors may appear: To configure network access for JDWP operations, use the DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE procedure. Table 101-4 ADD_PRIVILEGE Function Parameters, Name of the ACL. Table 115-18 SET_HOST_ACL Function Parameters. Create an ACL and define Connect permission to Scott. If the protected URL being requested requires only the client certificate to authenticate, then the BEGIN_REQUEST function sends the necessary client certificate from the wallet. To drop the access control list, use the DROP_ACL Procedure. Table 101-8 APPEND_WALLET_ACL Function Parameters. If a NULL value is given, the privilege will be added to the ACE matching the principal and the is_grant if one exists, or to the end of the ACL if the matching ACE does not exist. 00000 - "network access denied by access control list (ACL)" *Cause: No access control list (ACL) has been assigned to the target host or the privilege necessary to access the target host has not been granted . When specifying a TCP port range, both lower_port and upper_port must not be NULL and upper_port must be greater than or equal to lower_port. The following example grants the use_client_certificates privilege, /* 3. Only the database administrator can query this view. Oracle recommends that you do not use deprecated subprograms in new applications. For example: In this specification, privilege must be one of the following when you enter wallet privileges using xs$ace_type (note the use of underscores in these privilege names): For detailed information about these parameters, see the ace parameter description in Syntax for Configuring Access Control for External Network Services. In this example, user preston was granted privileges for all the network host connections found for www.us.example.com. Directory path of the wallet to which the ACL is assigned. Example 10-9 User Checking Network Access Control Permissions. The SELECT privilege on this view is granted to the SELECT_CATALOG_ROLE role only. Example 10-7 Configuring ACL Access for a Wallet in a Shared Database Session. For the "connect" privilege assignments, an ACL assigned to the host without a port range takes a lower precedence than other ACLs assigned to the same host with a port range. The end_date must be greater than or equal to the start_date. The creation of ACLs is a two step procedure. If a NULL value is given, the deletion is applicable to all privileges. The following table lists the exceptions raised by the DBMS_NETWORK_ACL_ADMIN package. Support for deprecated features is for backward compatibility only. To remove the assignment, use the UNASSIGN_WALLET_ACL Procedure. To resolve a host name that was given a host IP address, or the IP address that was given a host name, with the UTL_INADDR package, grant the database user the resolve privilege. Table 122-19 SET_WALLET_ACL Function Parameters. Symptoms: Cause: Solution: Privilege is granted or not (denied). You can use the DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE procedure to grant the access control privileges to a user. For example: url: Enter the URL to the application that uses the wallet. When specifying a TCP port range, both lower_port and upper_port must not be NULL and upper_port must be greater than or equal to lower_port. The path is case-sensitive of the format file:directory-path. Appends an access control entry (ACE) to the access control list (ACL) of a network host. The DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE can configure access control to deny or grant privileges for a user and a role. The CONTAINS_HOST in the DBMS_NETWORK_ACL_UTLILITY package determines if a host is contained in a domain. This deprecated procedure deletes a privilege in an access control list. In this specification, the TRUE setting for remove_empty_acl removes the ACL when it becomes empty when the ACE is removed. The path is case-sensitive and of the format file:directory-path. To remove the ACE, use the REMOVE_WALLET_ACE Procedure. CREATE_ACL using DBMS_NETWORK_ACL_ADMIN sys package:- BEGIN DBMS_NETWORK_ACL_ADMIN.CREATE_ACL ( acl => '/sys/acls/utl_http.xml', description => 'Allowing SMTP Connection', principal => 'SCHEMANAME', is_grant => TRUE, privilege => 'connect', start_date => SYSTIMESTAMP, end_date => NULL); COMMIT; END; / Oracle Database Real Application Security Administrator's and Developer's Guide for more information about the XS$ACE_TYPE object type. When ACEs with "connect" privileges are appended to a host's ACLs with and without a port range, the one appended to the host with a port range takes precedence. Start date of the access control entry (ACE). host can be a host name, domain name, IP address, or subnet. If a NULL value is given, the privilege will be added to the ACE matching the principal and the is_grant if one exists, or to the end of the ACL if the matching ACE does not exist. For example, if you set lower_port to 80 and omit upper_port, the upper_port setting is assumed to be 80. The host or domain name is case-insensitive. Users are discouraged from setting a wallet's ACL manually. If a non-NULL value is given, the privilege will be added in a new ACE at the given position and there should not be another ACE for the principal with the same is_grant (grant or deny). The host or domain name is case-insensitive. It can be used in conjunction with the DBA_HOST_ACE view to determine the users and their privilege assignments to access a network host.For example, for access to www.us.example.com: For example, for HQ_DBA's own permission to access to www.us.example.com: Table 101-3 DBMS_NETWORK_ACL_ADMIN Package Subprograms, [DEPRECATED] Adds a privilege to grant or deny the network access to the user in an access control list (ACL). For example: ace: Define the ACL by using the XS$ACE_TYPE constant. Tutorial: Adding an Email Alert to a Fine-Grained Audit Policy for an example of configuring access control to external network services for email alerts. These new Network ACL's are an extension of the acl facilities of the XDB subsytem. Use the DBMS_NETWORK_ACL_ADMIN.APPEND_WALLET_ACE procedure to configure the wallet access control privileges. If acl is NULL, any ACL assigned to the wallet is unassigned. If both host and acl are NULL, all ACLs assigned to any hosts are unassigned. DBMS_NETWORK_ACL_ADMIN.CREATE_ACL ( acl => 'www.xml', description => 'WWW ACL', principal => 'SCOTT', is_grant => true, privilege => 'connect' ); oracle acl Share Improve this question Follow edited Feb 6 at 4:55 Paul White 79.2k 28 394 617 asked Sep 22, 2015 at 17:22 Mark Harrison 809 4 20 31 Add a comment 2 Answers Sorted by: 6 DBMS_NETWORK_ACL_UTILITY Database Oracle Oracle Database Release 19 PL/SQL Packages and Types Reference Table of Contents Search Download Table of Contents Preface Changes in This Release for Oracle Database PL/SQL Packages and Types Reference 1 Introduction to Oracle Supplied PL/SQL Packages & Types