Thanks that took care of it.
--
John Rose
Maxim Consulting
(405) 923-2400
www.maximconsulting.net
Powered by the OKC Broadband Network
"Matthias Kleinicke" <Matthias.Kleinicke_at_gmx.de> wrote in message
news:ddqj6n$5cn$1_at_online.de...
> Hi,
>
> John Rose schrieb:
>> I am using Oracle security for my application and would like to allow
>> users to change their own passwords without using SQLPlus. I am
>> attempting to use "ALTER USER username IDENTIFIED BY newpassword REPLACE
>> oldpassword" in a stored procedure to provide this functionality, but it
>> always gets an insufficent priveleges error. The users can change
>> passwords freely at the SQLPlus prompt, but cannot do the same via the
>> procedure.
>>
>> Does anyone have any ideas?
>>
> the procedure must use caller rights. By default the procedure will run
> using all rights given to the owner of the procedure. I do not expect this
> owner to have right ALTER USER so the routine can not succeed.
> If caller rights are used, the routine will use privileges of the caller
> especially changing the own password.
>
> hth
>
> Matthias
>
> PS.: caller rights is an option on create procedure. see syntax in docu.
Received on Mon Aug 15 2005 - 12:41:46 CDT
