Skip to content

Instantly share code, notes, and snippets.

@pramoth

pramoth/oracle_debug_acl.md

Created October 20, 2025 04:54
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save pramoth/0412897c60a83521b305503c9bd3edd7 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save pramoth/0412897c60a83521b305503c9bd3edd7 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
oracle_debug_acl.md 
-- Create an ACL for JDWP debugging (if not exists)
BEGIN
  DBMS_NETWORK_ACL_ADMIN.CREATE_ACL(
    acl          => 'jdwp_acl.xml',
    description  => 'ACL for JDWP debugging',
    principal    => 'xxx',  -- Replace with your actual schema/user
    is_grant     => TRUE,
    privilege    => 'jdwp'
  );
  COMMIT;
END;
-- Create an ACL for JDWP debugging (if not exists)
BEGIN
  
  -- Assign the ACL to your client host (IP address)
  DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL(
    acl         => 'jdwp_acl.xml',
    host        => '*'   -- Your client machine IP
  );
  
  COMMIT;
END;
SELECT * FROM DBA_NETWORK_ACLS WHERE ACL LIKE '%jdwp%';
SELECT * FROM DBA_NETWORK_ACL_PRIVILEGES WHERE ACL LIKE '%jdwp%';

OR ACL to ROLE instead

-- 1. Create a role

 CREATE ROLE debug_role;

-- 2. Grant the role to users

 GRANT debug_role TO user1, user2, user3;

-- 3. Create ACL with the ROLE as principal

BEGIN
  DBMS_NETWORK_ACL_ADMIN.CREATE_ACL(
    acl         => 'jdwp_debug_acl.xml',
    description => 'JDWP access for debuggers',
    principal   => 'DEBUG_ROLE',  -- ← Role name (case-sensitive if quoted)
    is_grant    => TRUE,
    privilege   => 'jdwp'
  );

  DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL(
    acl  => 'jdwp_debug_acl.xml',
    host => '192.168.1.80',
    lower_port => 51587,
    upper_port => 51587
  );
  COMMIT;
END;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment