The Security of Application Contexts
The set_dept_ctx procedure is nothing but an encapsulation of a call to SET_CONTEXT with appropriate parameters. Why not simply call the built-in function directly? Let’s see what happens if a user calls the same code segment to set the value of the attribute DEPTNO to 10.
SQL>BEGIN2DBMS_SESSION.set_context ('DEPT_CTX', 'DEPTNO', 10);3END;4/begin * ERROR at line 1: ORA-01031: insufficient privileges ORA-06512: at "SYS.DBMS_SESSION", line 82 ORA-06512: at line 2
Note the error, ORA-01031: insufficient privileges. That’s puzzling, because the user does have the required EXECUTE privilege on DBMS_SESSION. (It would have been impossible to compile set_dept_ctx without that privilege.)
The insufficient privilege refers not to the use of DBMS_SESSION, but to the attempt to set the context value outside of the set_dept_ctx procedure .
As you can now see, Oracle only “trusts” the set_dept_ctx procedure to set the application context values for DEPT_CTX. In fact, Oracle refers to the program referenced by the USING clause of CREATE CONTEXT as the trusted procedure.
The only schemas that can execute a trusted procedure are:
The schema that owns the procedure
Any schema to which EXECUTE authority is granted on that trusted procedure
So if you are careful about how you grant that EXECUTE authority, you can tightly control the setting of that context’s values.
Tip
You must specify the trusted procedure at the same time that you create your application context. ...