环境:
OS:Centos 7
DB:11.2.0.4
1.dbvmgr用户登录创建2个新用户
SQL> connect dbvmgr/Oracle#123
Connected.
SQL> create user hxl100 identified by oracle;
SQL> create user hxl200 identified by oracle;
2.sys用户登录给新用户授权
SQL> connect / as sysdba
Connected.
SQL> grant create session,resource to hxl100;
Grant succeeded.
SQL> grant create session,resource to hxl200;
Grant succeeded.
3.使用用户hxl100登录创建表并写入数据
SQL> connect hxl100/oracle
Connected.
SQL> create table tb_100(id number,name varchar2(32));
Table created.
SQL> insert into tb_100 values(1,'name1');
1 row created.
SQL> insert into tb_100 values(2,'name2');
1 row created.
SQL> commit;
Commit complete.
SQL> select * from tb_100;
ID NAME
---------- --------------------------------
1 name1
2 name2
4.下面我们创建领域,让hxl200用户可以访问hxl100下的表,但是sys和system不能访问
创建领域
创建领域保护对象
这里领域的保护对象是用户hxl100下的所有对象
领域授权
这里要授权2个,一个是owner,目的是授权该账号下的对象给其他用户相应的权限,另外一个是参与者,我们这里的参与者就是hxl200
a.owner授权
b.参与者授权
5.授权查询权限给hxl200用户
SQL> connect hxl100/oracle
Connected.
SQL> grant select on tb_100 to hxl200;
Grant succeeded.
6.验证
SQL> connect / as sysdba
Connected.
SQL> select * from hxl100.tb_100;
select * from hxl100.tb_100
*
ERROR at line 1:
ORA-01031: insufficient privileges
SQL> connect hxl200/oracle
Connected.
SQL> select * from hxl100.tb_100;
ID NAME
---------- --------------------------------
1 name1
2 name2