I have the user name under ACl and acl has been assigned to host.
but I am getting error http_req filed on trying to connact
ACL has been assigned to host
SELECT * FROM dba_network_acls;
1 *.mer.com /sys/acls/fine_grain_access_http.xml 968743177C0D29D9E040A8C02F1C05F0
user has been added to ACL with connect and resolve prov
SELECT * FROM dba_network_acl_privileges where principal=’SCOTT’
ACL ACLID PRINCIPAL PRIVILEGE IS_GRANT INVERT
1 /sys/acls/fine_grain_access_http.xml 968743177C0D29D9E040A8C02F1C05F0 PRASHANT-MISHRA connect true false
2 /sys/acls/fine_grain_access_http.xml 968743177C0D29D9E040A8C02F1C05F0 PRASHANT-MISHRA resolve true false
below is the code section I am rying to execute
DECLARE
req UTL_HTTP.req;
resp UTL_HTTP.resp;
v_URL VARCHAR2(2000);
VALUE VARCHAR2(32767);
Rpt_id NUMBER:=38660;
part1 VARCHAR2(200);
part2 VARCHAR2(100);
part3 VARCHAR2(100);
username VARCHAR2(100):='PRASHANT-MISHRA';
pass VARCHAR2(100):='Summer#2015';
BEGIN
part1:='http://jira.mer.com/sr/jira.issueviews:searchrequest-xml/';
part2:='/SearchRequest-38660tempMax=3000&';
part3:='field=key';
v_URL:=part1||part2||Rpt_id||part3;
req := UTL_HTTP.begin_request(v_URL,'GET','HTTP/1.1');
UTL_HTTP.set_authentication(req, username, pass);
UTL_HTTP.set_header (req,'Content-Type','application/xml; charset=utf-8');
/*UTL_HTTP.set_header(req, ‘User-Agent’, ‘Mozilla/4.0′);*/
resp := UTL_HTTP.get_response(req);
LOOP
UTL_HTTP.read_line(resp, value, TRUE);
DBMS_OUTPUT.PUT_LINE(value);
END LOOP;
UTL_HTTP.end_response(resp);
END;
Error:
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1130
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at line 19
I forgot committing changes after running add_priv to add priv for user to ACL.
Related
I would call a web service from PL/SQL Oracle 11g but the following script is not working:
declare
v_Endpoint varchar2(500) := '<my_endpoint>';
v_Http_Req Utl_Http.Req;
begin
Utl_Http.Set_Wallet('<my_wallet_path>','<my_wallet_password>');
Utl_Http.Set_Proxy('<proxy_url>:<proxy_password>#<proxy-url>:8080');
v_Http_Req := Utl_Http.Begin_Request(v_Endpoint, 'POST', 'HTTP/1.1');
exception
when others then
DBMS_OUTPUT.PUT_LINE('EXCEPTION: '||SQLERRM);
DBMS_OUTPUT.PUT_LINE('EXCEPTION: '||DBMS_UTILITY.FORMAT_ERROR_BACKTRACE);
DBMS_OUTPUT.PUT_LINE('EXCEPTION: '||UTL_HTTP.GET_DETAILED_SQLERRM);
end;
EXCEPTION: ORA-29273: richiesta HTTP non riuscita
ORA-06512: a "SYS.UTL_HTTP", line 1130
ORA-53203: violazione di sicurezza
EXCEPTION: ORA-06512: a "SYS.UTL_HTTP", line 1130
ORA-06512: a line 7
EXCEPTION: ORA-53203: violazione di sicurezza
Procedura PL/SQL completata correttamente.
The connection to the endpoint is possible with SOAPUI without problems. I can open the URL in a browser with the proxy <proxy_url>:8080/script_proxy.pac
The wallet contains the certificate that has been downloaded from .
I've inserted the URL test.salesforce.com in the ACL and granted access to the user that runs my script.
How can I figure out the issue?
You probably need to define an ACL to access external network services. Check the output of:
SELECT * FROM DBA_NETWORK_ACLS;
SELECT * FROM DBA_NETWORK_ACL_PRIVILEGES;
And check the documentation to the CREATE_ACL Procedure:
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL (
acl IN VARCHAR2,
description IN VARCHAR2,
principal IN VARCHAR2,
is_grant IN BOOLEAN,
privilege IN VARCHAR2,
start_date IN TIMESTAMP WITH TIMEZONE DEFAULT NULL,
end_date IN TIMESTAMP WITH TIMEZONE DEFAULT NULL );
I've been trying to get Oracle to call a REST API. While getting things set up and running we ran into an issue where our code generates an ORA-53203: security violation. In the process of isolating the issue we set up a procedure to test the connection and this, too, generates the same error.
We are using Oracle 12c and we've set up ACE/ACL entries for the host we're testing with for both 'connect' and 'resolve' permissions.
create or replace procedure showTitleTag ( i_url in varchar2 )
AS
l_httpreq UTL_HTTP.req;
l_httpresp UTL_HTTP.resp;
l_text varchar2(32767);
l_response CLOB;
l_title varchar2(32767);
BEGIN
l_httpreq := UTL_HTTP.begin_request(i_url);
l_httpresp := UTL_HTTP.get_response(l_httpreq);
BEGIN
LOOP
UTL_HTTP.read_text(l_httpresp, l_text, 32766);
l_response := l_response || l_text;
END LOOP;
EXCEPTION
WHEN UTL_HTTP.end_of_body THEN
UTL_HTTP.end_response(l_httpresp);
END;
l_title := REGEXP_REPLACE(l_response, '.*<title> ?(.+) ?</title>.*', '\1', 1, 1, 'in');
DBMS_OUTPUT.put_line(l_title);
EXCEPTION
WHEN OTHERS THEN
UTL_HTTP.end_response(l_httpresp);
RAISE;
END;
This code, should give us the contents of the web-page's title tag (we used "http://www.redhat.com" as our test URL). Instead we receive the following errors:
ORA-29273: HTTP request failed
ORA-53203: security violation
ORA-06512: at "APPS.SHOWTITLETAG", line 29
ORA-06512: at line 1
You need to make sure the related access control list (ACL) assigned and the right privilege has been granted to your target host.
If there's no problem with the first, then look
(select a.lower_port, a.upper_port from dba_network_acls a where a.host like '%i_url%')
whether you defined an interval for the ports of your URL, and
contains the port of the target host(s).
I am trying to write a simple function to verify whether a url is valid.
I started with an anonymous block that looks like;
DECLARE
httpuri HTTPURIType;
y CLOB;
x BLOB;
BEGIN
httpuri := HTTPURIType('http://google.com');
BEGIN
DBMS_OUTPUT.put_line(httpuri.getContentType());
EXCEPTION
WHEN OTHERS
THEN
DBMS_OUTPUT.put_line('Bad Url');
END;
END;
/
This works fine, it outputs a "Bad Url" when the url is bad, and the mime type other wise.
Great let's write a function to encapsulate everything;
CREATE OR REPLACE FUNCTION CHECK_URL
(
URL_IN IN VARCHAR2
) RETURN VARCHAR2 AS
HTTPURI HTTPURIType;
OUT_STRING VARCHAR2(32767);
BEGIN
HTTPURI := HTTPURITYPE(URL_IN);
BEGIN
OUT_STRING := HTTPURI.GETCONTENTTYPE();
EXCEPTION
WHEN OTHERS
THEN
OUT_STRING := 'Error: Bad URL-' || URL_IN;
END;
RETURN OUT_STRING;
END CHECK_URL;
I call it with;
SELECT CHECK_URL('http://google.com') FROM DUAL;
or
DECLARE
BEGIN
DBMS_OUTPUT.PUT_LINE(CHECK_URL('http://google.com'));
END;
/
This always returns "Error: Bad URL-" followed by the url entered. When I take out the exception handler, it gives the following error;
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1130
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "SYS.HTTPURITYPE", line 123
ORA-06512: at "LMSADMIN.CHECK_URL", line 10
29273. 00000 - "HTTP request failed"
*Cause: The UTL_HTTP package failed to execute the HTTP request.
*Action: Use get_detailed_sqlerrm to check the detailed error message.
Fix the error and retry the HTTP request.
I have a minimal understanding of ACL lists. I am running both sets of code as the same user so I am not sure why I get differing results.
Edit: Database Version - 12c R2.
I need help with this code, I am getting an error saying following.
ORA-29273: HTTP request failed
ORA-12541: TNS:no listener
ORA-06512: at "SYS.UTL_HTTP", line 368
ORA-06512: at "SYS.UTL_HTTP", line 1118
ORA-06512: at line 5
29273. 00000 - "HTTP request failed"
*Cause: The UTL_HTTP package failed to execute the HTTP request.
*Action: Use get_detailed_sqlerrm to check the detailed error message.
Fix the error and retry the HTTP request.
I contacted network team and they see bidirectional traffic on that port being done, so I am not sure what else is/could be wrong? any ideas?
create or replace
procedure Test_Rest_Call3
is
req utl_http.req;
res utl_http.resp;
url varchar2(4000) := 'http://ipaddresshere:9099/api/batchProcess/1';
name varchar2(4000);
buffer varchar2(4000);
content varchar2(4000) := '';
begin
req := utl_http.begin_request(url, 'DELETE',' HTTP/1.1');
utl_http.set_header(req, 'user-agent', 'mozilla/4.0');
utl_http.set_header(req, 'content-type', 'application/json');
utl_http.set_header(req, 'Content-Length', length(content));
utl_http.write_text(req, content);
res := utl_http.get_response(req);
-- process the response from the HTTP call
begin
loop
utl_http.read_line(res, buffer);
dbms_output.put_line(buffer);
end loop;
utl_http.end_response(res);
exception
when utl_http.end_of_body
then
utl_http.end_response(res);
end;
end Test_Rest_Call3;
Have you checked if DBA granted to execute utl_http?
Just try to run it to be sure:
select utl_http.request('http://ipaddresshere:9099/api/batchProcess/1') from dual;
If you get error then ask DBA to give the permission accordingly:
grant execute on utl_http to your_oracle_user_name
grant execute on dbms_lock to user_name
BEGIN
DBMS_NETWORK_ACL_ADMIN.create_acl (
acl => 'local_sx_acl_file.xml',
description => 'A test of the ACL functionality',
principal => 'put your user_name',
is_grant => TRUE,
privilege => 'connect',
start_date => SYSTIMESTAMP,
end_date => NULL);
end;
begin
DBMS_NETWORK_ACL_ADMIN.assign_acl (
acl => 'local_sx_acl_file.xml',
host => 'localhost',
lower_port => 9002,
upper_port => NULL);
end;
I hope it will help.
Cheers,
Morteza Fakoorrad
I have the following error message when I try to establish a HTTP request connection:
ORA-29273: HTTP request failed ORA-06512: at "SYS.UTL_HTTP", line 1029 ORA-12545: Connect failed because target host or object does not exist ORA-06512: at line 10 .
Line 10 is the following:
req := UTL_HTTP.BEGIN_REQUEST('oracle.com');
Here is my pl/sql block:
DECLARE
req UTL_HTTP.REQ;
resp UTL_HTTP.RESP;
name_1 VARCHAR2(256);
value_1 VARCHAR2(1024);
v_msg VARCHAR2 (500);
BEGIN
req := UTL_HTTP.BEGIN_REQUEST('http://www.oracle.com');
UTL_HTTP.SET_HEADER(req, 'User-Agent', 'Mozilla/5.0');
UTL_HTTP.SET_FOLLOW_REDIRECT(req, 0);
resp := UTL_HTTP.GET_RESPONSE(req);
LOOP
Utl_Http.read_text (resp, v_msg);
DBMS_OUTPUT.put_line (v_msg);
END LOOP;
UTL_HTTP.END_RESPONSE(resp);
EXCEPTION
WHEN Utl_Http.end_of_body
THEN
NULL;
END;
the code seems fine to me...
the reason of this error is outside the code you show:
The system this code is run on (the DB server) must be able to resolve the domain name - which has nothing to do with Oracle...
To solve this you need to setup DNS / hosts correctly on the machine / in the OS!