Skip to Main Content
Forums

SQL & PL/SQL

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

UTL_HTTP and Access control list (ACL)

xxsawerJul 10 2012 — edited Jul 11 2012
Hello guys,
I need help once again.
I was solving a problem in one of our packages which is using UTL_HTTP package.
After calling
utl_http.begin_request
I always got timeout error. This was strange to me, so I recompiled the package and after recompilation I always get
ORA-24247: network access denied by access control list (ACL)

I even didn't know what ACL is, so I started to looking over the internet and found this nice tutorial
http://oracleflash.com/36/Oracle-11g-Access-Control-List-for-External-Network-Services.html

So I started testing from the beginning on another machine...
First:
SQL> select * from v$version;

BANNER
--------------------------------------------------------------------------------
Oracle Database 11g Release 11.1.0.6.0 - 64bit Production
PL/SQL Release 11.1.0.6.0 - Production
CORE    11.1.0.6.0      Production
TNS for Linux: Version 11.1.0.6.0 - Production
NLSRTL Version 11.1.0.6.0 - Production
I granted the access to user P707
GRANT EXECUTE ON UTL_HTTP TO P707;
Created an ACL and assigned a host to it
DECLARE
BEGIN
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL('testACL.xml', 'Testing ACL', 'P707', true, 'connect');
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL('testACL.xml', '*.google.com');
COMMIT;
END;
Just few crosschecks
SELECT * FROM DBA_TAB_PRIVS WHERE TABLE_NAME = 'UTL_HTTP';

P707	SYS	UTL_HTTP	SYS	EXECUTE	NO	NO

SELECT * FROM DBA_NETWORK_ACLS;

*.google.com	null	null	/sys/acls/testACL.xml   C47A2073CFE0A393E04014AC02C82B7E

SELECT * FROM DBA_NETWORK_ACL_PRIVILEGES;

/sys/acls/testACL.xml	C47A2073CFE0A393E04014AC02C82B7E	P707	connect	true
So everything seems to be configured fine.
Now I use the example from the link I pasted above
create or replace procedure getTitle(pUrl VARCHAR2)
is
  vResult CLOB;
begin
  vResult := replace(UTL_HTTP.REQUEST(pUrl),chr(10),' ');
  vResult := regexp_replace(vResult,'.*.*','\1',1,1,'i');
  dbms_output.put_line(vResult);
EXCEPTION
  WHEN OTHERS THEN
      DBMS_OUTPUT.PUT_LINE(UTL_HTTP.get_detailed_sqlerrm);
end;
/

BEGIN
getTitle('http://www.google.com');
END;
/
But I always get 
ORA-24247: network access denied by access control list (ACL)
Could anybody help me with this?
Thanks, Dan

Comments

Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Aug 8 2012
Added on Jul 10 2012
6 comments
17,135 views