Access control list can be created, amended and deleted by DBMS_NETWORK_ACL_ADMIN package. It is used for network access. For instance, XML transfer etc.
The following code can create ACL and grant CREATE and RESOLVE privileges to user SCOTT.
BEGIN
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL(acl => '/sys/acls/webservice.xml',
description => 'WWW ACL',
principal => 'SCOTT',
is_grant => true,
privilege => 'connect');
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE(acl => '/sys/acls/webservice.xml',
principal => 'SCOTT',
is_grant => true,
privilege => 'connect');
DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE(acl => '/sys/acls/webservice.xml',
principal => 'SCOTT',
is_grant => true,
privilege => 'resolve');
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL(acl => '/sys/acls/webservice.xml',
host => '10.1.1.*',
lower_port => 80,
upper_port => 80
);
COMMIT;
END;
Moreover, you can check DBA_NETWORK_ACLS and DBA_NETWORK_ACL_PRIVILEGES data dictionary tables in order to get information about ACLs.
ACLs are droped with DROP_ACL procedure.
BEGIN
DBMS_NETWORK_ACL_ADMIN.drop_acl (acl => '/sys/acls/webservice.xml');
COMMIT;
END;