MySQL DB Procedure Execution by a non-root user

-
In my this blog, I'll share my experience of one of the issues that I faced during procedures execution for a migration project

Problem Statement
Recently I have been involved in an application migration project from one cloud to another cloud. I have done the database migration and due to security reasons, I have changed the identifier of all procedures to a non-root use so that I don't need to provide root credentials. However, One strange issue encountered during the procedure execution. Below is the sample snippet of my procedure I have been executing with a non-root user-
CALL save_wallet_request('233284','23342sad','1','2021-01-13 06:54:23','eeedewewqewqeqe',@out_pgref_no,@out_dup_err)    

Error Code: 1449. The user specified as a definer ('root'@'%') does not exist   0.107 sec

Although I have a valid identifier in my procedure i.e. 'user001@%' but still I was not able to execute the procedure.

Cause
The procedure save_wallet_request I was trying to execute is using a DB table which involves triggers i.e. any update/insert to the table fires triggers. The further investigation cleared that trigger is using the definer 'root@%' and hence entire execution was getting failed. 

Solution
Since a non-root use cannot change the definer of root user so need to catch up a trick using below query-

set global log_bin_trust_function_creators=1;

However, execution of this query via a non-root user is not permitted directly, rather following error encountered again

You do not have the SUPER privilege and binary logging is enabled

Step1- So, the solution is to login as a root user first then execute the above SQL as
> mysql -u root -p
>set global log_bin_trust_function_creators=1;

Step 2- Now we are good to go for the delimiter changes for procedure as a non-root user as
CREATE DEFINER=`user001`@`%` and save the trigger

Step 3- Execute the procedure via user001 and that will work!

Comments

Post a Comment

Popular posts from this blog

Oracle SOA Suite- Implementing Email Notification

-
Image
In this post, I am going to show how to implement email notifications in Oracle SOA Suite using BPEL process. So let's get started- Implementing email notification in Oracle SOA Suite consists of below steps: Environment- IDE- Oracle jDeveloper 11g Weblogic Server 12c Oracle SOA Suite 12c High Level Steps Keep ready email server settings. Configure & enable usermessagingdriver-email for target SOA servers via console. Setting up Email driver (usermessagingdriver-email )with email server settings via enterprise manager. Enable notifications for SOA workflows(make sure either All or EMail option is selected).. Create SOA composite application Deploy it on SOA server. Testing & done. 1. Keep ready email server settings. Keep ready your below email server settings: Outgoing Mail Server          : smtp.domain.com Outgoing Mail Server Port   : xxx Default From Address         : username@doamin.com Outgoing Username            : actualemailid@doma
Read more

Oracle SOA Suite 12c- PKIX path building failed & unable to find valid certification path to requested target

-
Image
Hi Everyone, in this blog I'll be writing one of the strange issue that has been encountered while working with a Oracle SOA composite running in Oracle IDAM environment and trying to invoke a SSL based remote service where SSL certification based exception has been thrown during the service invocation. Environment Oracle SOA Suite 12c  (HA Mode) Oracle IDAM 12c (HA Mode) Oracle Linux 7 External Web Service (SOAP Service) Problem Below is the exception thrown when trying to invoke an external webservice (SSL Based) via BPEL process- <bpelFault><faultType>0</faultType><remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>oracle.fabric.common.FabricInvocationException: Unable to invoke endpoint URI "https://idam.uppclonline.com/soa-infra/services/default/DefaultOperationalApproval!5.12*soa_69e4734b-d8fe-4edf-b44e-e287f61c2ddf/SMSNotification%23ApprovalProcess/SMSNotification" succe
Read more

Migration of Oracle SOA Suite Composite from 11g to 12c

-
Image
Recently I have came across a scenario where I have a business requirement of  migration of Oracle SOA Suite 11g(11.1.1.7.0) to 12c(12.1.3.0). Below are the different mechanisms I have tried to do, few of them failed and one succeeded. Working in Oracle SOA Suite 11g is completely different from 12c. In 11g, we need to install the jDeveloper(11.1.1.7) then SOA extension separately to be installed either via offline file  (download available at  https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/156082.xml ) or through jDeveloper top menu >>  Help >> Check for Updates >> SOA Extension.  While working with 12c doesn't involves such tedious job. Only single installer is required for jDeveloper/SOA/Weblogic and is available as QuickStart Installer(download available at https://www.oracle.com/technetwork/middleware/soasuite/downloads/index.html). Approach 1- Compress(Zip) SOA composite code of 11g version (11.1.1.7.0) and unzip to a differe
Read more