I would call a web service from PL/SQL Oracle 11g but the following script is not working:
declare
v_Endpoint varchar2(500) := '<my_endpoint>';
v_Http_Req Utl_Http.Req;
begin
Utl_Http.Set_Wallet('<my_wallet_path>','<my_wallet_password>');
Utl_Http.Set_Proxy('<proxy_url>:<proxy_password>#<proxy-url>:8080');
v_Http_Req := Utl_Http.Begin_Request(v_Endpoint, 'POST', 'HTTP/1.1');
exception
when others then
DBMS_OUTPUT.PUT_LINE('EXCEPTION: '||SQLERRM);
DBMS_OUTPUT.PUT_LINE('EXCEPTION: '||DBMS_UTILITY.FORMAT_ERROR_BACKTRACE);
DBMS_OUTPUT.PUT_LINE('EXCEPTION: '||UTL_HTTP.GET_DETAILED_SQLERRM);
end;
EXCEPTION: ORA-29273: richiesta HTTP non riuscita
ORA-06512: a "SYS.UTL_HTTP", line 1130
ORA-53203: violazione di sicurezza
EXCEPTION: ORA-06512: a "SYS.UTL_HTTP", line 1130
ORA-06512: a line 7
EXCEPTION: ORA-53203: violazione di sicurezza
Procedura PL/SQL completata correttamente.
The connection to the endpoint is possible with SOAPUI without problems. I can open the URL in a browser with the proxy <proxy_url>:8080/script_proxy.pac
The wallet contains the certificate that has been downloaded from .
I've inserted the URL test.salesforce.com in the ACL and granted access to the user that runs my script.
How can I figure out the issue?
You probably need to define an ACL to access external network services. Check the output of:
SELECT * FROM DBA_NETWORK_ACLS;
SELECT * FROM DBA_NETWORK_ACL_PRIVILEGES;
And check the documentation to the CREATE_ACL Procedure:
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL (
acl IN VARCHAR2,
description IN VARCHAR2,
principal IN VARCHAR2,
is_grant IN BOOLEAN,
privilege IN VARCHAR2,
start_date IN TIMESTAMP WITH TIMEZONE DEFAULT NULL,
end_date IN TIMESTAMP WITH TIMEZONE DEFAULT NULL );
Related
I've been trying to get Oracle to call a REST API. While getting things set up and running we ran into an issue where our code generates an ORA-53203: security violation. In the process of isolating the issue we set up a procedure to test the connection and this, too, generates the same error.
We are using Oracle 12c and we've set up ACE/ACL entries for the host we're testing with for both 'connect' and 'resolve' permissions.
create or replace procedure showTitleTag ( i_url in varchar2 )
AS
l_httpreq UTL_HTTP.req;
l_httpresp UTL_HTTP.resp;
l_text varchar2(32767);
l_response CLOB;
l_title varchar2(32767);
BEGIN
l_httpreq := UTL_HTTP.begin_request(i_url);
l_httpresp := UTL_HTTP.get_response(l_httpreq);
BEGIN
LOOP
UTL_HTTP.read_text(l_httpresp, l_text, 32766);
l_response := l_response || l_text;
END LOOP;
EXCEPTION
WHEN UTL_HTTP.end_of_body THEN
UTL_HTTP.end_response(l_httpresp);
END;
l_title := REGEXP_REPLACE(l_response, '.*<title> ?(.+) ?</title>.*', '\1', 1, 1, 'in');
DBMS_OUTPUT.put_line(l_title);
EXCEPTION
WHEN OTHERS THEN
UTL_HTTP.end_response(l_httpresp);
RAISE;
END;
This code, should give us the contents of the web-page's title tag (we used "http://www.redhat.com" as our test URL). Instead we receive the following errors:
ORA-29273: HTTP request failed
ORA-53203: security violation
ORA-06512: at "APPS.SHOWTITLETAG", line 29
ORA-06512: at line 1
You need to make sure the related access control list (ACL) assigned and the right privilege has been granted to your target host.
If there's no problem with the first, then look
(select a.lower_port, a.upper_port from dba_network_acls a where a.host like '%i_url%')
whether you defined an interval for the ports of your URL, and
contains the port of the target host(s).
I am trying to write a simple function to verify whether a url is valid.
I started with an anonymous block that looks like;
DECLARE
httpuri HTTPURIType;
y CLOB;
x BLOB;
BEGIN
httpuri := HTTPURIType('http://google.com');
BEGIN
DBMS_OUTPUT.put_line(httpuri.getContentType());
EXCEPTION
WHEN OTHERS
THEN
DBMS_OUTPUT.put_line('Bad Url');
END;
END;
/
This works fine, it outputs a "Bad Url" when the url is bad, and the mime type other wise.
Great let's write a function to encapsulate everything;
CREATE OR REPLACE FUNCTION CHECK_URL
(
URL_IN IN VARCHAR2
) RETURN VARCHAR2 AS
HTTPURI HTTPURIType;
OUT_STRING VARCHAR2(32767);
BEGIN
HTTPURI := HTTPURITYPE(URL_IN);
BEGIN
OUT_STRING := HTTPURI.GETCONTENTTYPE();
EXCEPTION
WHEN OTHERS
THEN
OUT_STRING := 'Error: Bad URL-' || URL_IN;
END;
RETURN OUT_STRING;
END CHECK_URL;
I call it with;
SELECT CHECK_URL('http://google.com') FROM DUAL;
or
DECLARE
BEGIN
DBMS_OUTPUT.PUT_LINE(CHECK_URL('http://google.com'));
END;
/
This always returns "Error: Bad URL-" followed by the url entered. When I take out the exception handler, it gives the following error;
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1130
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "SYS.HTTPURITYPE", line 123
ORA-06512: at "LMSADMIN.CHECK_URL", line 10
29273. 00000 - "HTTP request failed"
*Cause: The UTL_HTTP package failed to execute the HTTP request.
*Action: Use get_detailed_sqlerrm to check the detailed error message.
Fix the error and retry the HTTP request.
I have a minimal understanding of ACL lists. I am running both sets of code as the same user so I am not sure why I get differing results.
Edit: Database Version - 12c R2.
I have created a procedure named as send_mail in sql developer oracle which is written below.
create or replace procedure Send_Mail(Msg_To varchar2, Msg_Subject varchar2, Msg_Text varchar2) is
c Utl_Smtp.Connection;
Rc integer;
Msg_From varchar2(50) := 'it.dev23#dawateislami.net'; -- email of my company which hosted on Gmail
Mailhost varchar2(30) := 'smtp.gmail.com';
begin
c := Utl_Smtp.Open_Connection(Mailhost, 587);
Utl_Smtp.Ehlo(c, Mailhost);
Utl_Smtp.StartTLS(c);
Utl_Smtp.Ehlo(c, Mailhost);
Utl_Smtp.Mail(c, Msg_From);
Utl_Smtp.Rcpt(c, Msg_To);
Utl_Smtp.Data(c,
'From: Oracle Database' || Utl_Tcp.Crlf || 'To: ' || Msg_To || Utl_Tcp.Crlf || 'Subject: ' || Msg_Subject || Utl_Tcp.Crlf ||
Msg_Text);
Utl_Smtp.Quit(c);
exception
when Utl_Smtp.Invalid_Operation then
Dbms_Output.Put_Line(' Invalid Operation in Mail attempt
using UTL_SMTP.');
when Utl_Smtp.Transient_Error then
Dbms_Output.Put_Line(' Temporary e-mail issue - try again');
when Utl_Smtp.Permanent_Error then
Dbms_Output.Put_Line(' Permanent Error Encountered.');
end;
And when i am trying to call the procedure to send email it gives error please help me out i want to send email .let me know where is my mistake.
I have grant all commands
GRANT EXECUTE ON UTL_TCP TO admonline;
GRANT EXECUTE ON UTL_SMTP TO admonline;
GRANT EXECUTE ON UTL_MAIL TO admonline;
GRANT EXECUTE ON UTL_http TO admonline;
--Calling procedure
BEGIN
send_mail(msg_to => 'waqasprince911#gmail.com',
msg_subject => 'Test subject',
msg_text => 'Test text');
END;
Error is Mention
Certificate validation failure
ORA-06512: at "SYS.UTL_TCP", line 59
ORA-06512: at "SYS.UTL_TCP", line 284
ORA-06512: at "SYS.UTL_SMTP", line 284
ORA-06512: at "SYS.UTL_SMTP", line 289
ORA-06512: at "ADMONLINE.SEND_MAIL", line 11
ORA-06512: at line 2
29024. 00000 - "Certificate validation failure"
*Cause: The certificate sent by the other side could not be validated. This may occur if
the certificate has expired, has been revoked, or is invalid for another reason.
*Action: Check the certificate to determine whether it is valid. Obtain a new certificate,
alert the sender that the certificate has failed, or resend.
The error seems pretty clear. Try googliing for UTL_SMTP , certificate and 29024. 00000 - "Certificate validation failure" also read the docs on how to use this package. It would seem to be a failure of the security certificate.
A quick google turned up this,
Also, as a noob, remember you are asking us to take time out of our day to help you. Help us by always including version of product and what steps you have tried and the result and what searches and investigation you have tried.
these may help:
https://mathijsbruggink.com/2013/10/24/sending-mail-from-an-11g-oracle-database-utl_smtp/ https://community.oracle.com/thread/930797 http://www.dadbm.com/enable-oracle-database-to-send-emails-via-smtp-server/ https://community.oracle.com/thread/368259
https://community.oracle.com/thread/4089002 https://oracle-base.com/articles/misc/utl_http-and-ssl
https://docs.oracle.com/database/121/ARPLS/u_smtp.htm#ARPLS074
https://oracle-base.com/articles/misc/email-from-oracle-plsql
im using bi publisher add-in on ms word ...when i tried to print a report in oracle apex 5.1 an error appeared
ORA-20001: The printing engine could not be reached because either the URL specified is incorrect or a proxy URL needs to be specified.
as i found some solutions here on stack overflow so i tried run this on sqlplus command line connected as sysdba
DECLARE
ACL_PATH VARCHAR2(4000);
BEGIN
-- Look for the ACL currently assigned to '*' and give APEX_050100
-- the "connect" privilege if APEX_050100 does not have the privilege yet.
SELECT ACL INTO ACL_PATH FROM DBA_NETWORK_ACLS
WHERE HOST = '*' AND LOWER_PORT IS NULL AND UPPER_PORT IS NULL;
IF DBMS_NETWORK_ACL_ADMIN.CHECK_PRIVILEGE(ACL_PATH, 'APEX_050100',
'connect') IS NULL THEN
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE(ACL_PATH,
'APEX_050100', TRUE, 'connect');
END IF;
EXCEPTION
-- When no ACL has been assigned to '*'.
WHEN NO_DATA_FOUND THEN
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL('power_users.xml',
'ACL that lets power users to connect to everywhere',
'APEX_050100', TRUE, 'connect');
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL('power_users.xml','*');
END;
/
COMMIT;
DECLARE
ACL_PATH VARCHAR2(4000);
BEGIN
-- Look for the ACL currently assigned to 'localhost' and give APEX_050100
-- the "connect" privilege if APEX_040200 does not have the privilege yet.
SELECT ACL INTO ACL_PATH FROM DBA_NETWORK_ACLS
WHERE HOST = 'localhost' AND LOWER_PORT IS NULL AND UPPER_PORT IS NULL;
IF DBMS_NETWORK_ACL_ADMIN.CHECK_PRIVILEGE(ACL_PATH, 'APEX_050100',
'connect') IS NULL THEN
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE(ACL_PATH,
'APEX_050100', TRUE, 'connect');
END IF;
EXCEPTION
-- When no ACL has been assigned to 'localhost'.
WHEN NO_DATA_FOUND THEN
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL('local-access-users.xml',
'ACL that lets users to connect to localhost',
'APEX_050100', TRUE, 'connect');
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL('local-access-users.xml','localhost');
END;
/
COMMIT;
after i execute i tried again to print the report and then the following error occured:
Error occurred while painting error page: ORA-01403: no data found ORA-29273: HTTP request failed ORA-06512: at "SYS.UTL_HTTP", line 1324 ORA-12570: TNS:packet reader failure
how can i solve this?
First of all ORA-20001 is a user-defined error.
I only re-ordered the first block. Changed the order of statements. Put exception just after select statement. Since, when exception occurs, DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE wouldn't run in your case.
DECLARE
ACL_PATH VARCHAR2(4000);
BEGIN
-- Look for the ACL currently assigned to '*' and give APEX_050100
-- the "connect" privilege if APEX_050100 does not have the privilege yet.
BEGIN
SELECT ACL INTO ACL_PATH FROM DBA_NETWORK_ACLS WHERE HOST = '*' AND LOWER_PORT IS NULL AND UPPER_PORT IS NULL;
EXCEPTION
-- When no ACL has been assigned to '*'.
WHEN NO_DATA_FOUND THEN
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL('power_users.xml',
'ACL that lets power users to connect to everywhere',
'APEX_050100', TRUE, 'connect');
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL('power_users.xml','*');
END;
IF DBMS_NETWORK_ACL_ADMIN.CHECK_PRIVILEGE(ACL_PATH, 'APEX_050100',
'connect') IS NULL THEN
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE(ACL_PATH,
'APEX_050100', TRUE, 'connect');
END IF;
END;
/
COMMIT;
I have the user name under ACl and acl has been assigned to host.
but I am getting error http_req filed on trying to connact
ACL has been assigned to host
SELECT * FROM dba_network_acls;
1 *.mer.com /sys/acls/fine_grain_access_http.xml 968743177C0D29D9E040A8C02F1C05F0
user has been added to ACL with connect and resolve prov
SELECT * FROM dba_network_acl_privileges where principal=’SCOTT’
ACL ACLID PRINCIPAL PRIVILEGE IS_GRANT INVERT
1 /sys/acls/fine_grain_access_http.xml 968743177C0D29D9E040A8C02F1C05F0 PRASHANT-MISHRA connect true false
2 /sys/acls/fine_grain_access_http.xml 968743177C0D29D9E040A8C02F1C05F0 PRASHANT-MISHRA resolve true false
below is the code section I am rying to execute
DECLARE
req UTL_HTTP.req;
resp UTL_HTTP.resp;
v_URL VARCHAR2(2000);
VALUE VARCHAR2(32767);
Rpt_id NUMBER:=38660;
part1 VARCHAR2(200);
part2 VARCHAR2(100);
part3 VARCHAR2(100);
username VARCHAR2(100):='PRASHANT-MISHRA';
pass VARCHAR2(100):='Summer#2015';
BEGIN
part1:='http://jira.mer.com/sr/jira.issueviews:searchrequest-xml/';
part2:='/SearchRequest-38660tempMax=3000&';
part3:='field=key';
v_URL:=part1||part2||Rpt_id||part3;
req := UTL_HTTP.begin_request(v_URL,'GET','HTTP/1.1');
UTL_HTTP.set_authentication(req, username, pass);
UTL_HTTP.set_header (req,'Content-Type','application/xml; charset=utf-8');
/*UTL_HTTP.set_header(req, ‘User-Agent’, ‘Mozilla/4.0′);*/
resp := UTL_HTTP.get_response(req);
LOOP
UTL_HTTP.read_line(resp, value, TRUE);
DBMS_OUTPUT.PUT_LINE(value);
END LOOP;
UTL_HTTP.end_response(resp);
END;
Error:
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1130
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at line 19
I forgot committing changes after running add_priv to add priv for user to ACL.