Role Manager

Previous  Top  Next

The Role Manager can be reached via the Enterprise Manager. Double clicking the Roles node will open up a window similar to this one:


The Oracle Role Manager


A list of all roles will be displayed, if the role requires a password, this should be displayed.


The toolbar holds 3 buttons to create, edit or drop a role.


When editing or creating a new role, use the OK button to save your changes and the Cancel button to, well, cancel your changes.



The user you used to register your Oracle server needs to have access to view DBA_ROLES for this feature to work.


Creating a New Role

Using the New Role button will give you this dialog:


Create New Role dialog, page 1


On the first page, you can enter the role name and authentication information.


For further information regarding authentication methods, see the Oracle documentation.


Create New Role dialog, page 2


On the second page, Roles, you can assign the new role to existing roles by checking the check box in the Granted column. By checking the Admin-column check box, you can give the role the rights to grant the given role to other roles. The buttons in the toolbar are shortcuts for granting all roles or revoking all privileges from the role.


Create New Role dialog, page 3


The last page holds a large list of system defined privileges that can be granted to the role. Again, there are columns with possible options:

Granted: role has this privilege
Admin: role can grant this privilege to other role


The buttons in the toolbar are shortcuts to grant everything to the role or revoke all given privileges.


For more information about the available privileges, see the Oracle documentation.


Editing a Role

Editing a role will show the same dialog as creating a new role and all properties can be modified except the role name. Modify the role to your liking and use the OK button to save your changes to the database.


Dropping a Role

By using the Drop Role button you can delete a role from the database. Any privileges inherited from this role by other roles or users will be removed.