Privileges for Cache Groups
Cache groups require certain users and privileges.
About Cache Group Users and Privileges
There are system and object privileges for cache groups. In order for a user to perform operations involving any cache group, the user must have the appropriate cache group privileges.
In addition, there are administrative users, namely the Oracle cache administration user and the TimesTen cache administration user, who require special privileges. See Cache Group Users.
For a complete list of system and object privileges for cache group operations, see Privileges in Oracle TimesTen In-Memory Database SQL Reference.
Note:
Passthrough does not require any cache group privileges, because privileges are checked by the Oracle database with the user credentials.
Oracle Cache Administration User Privilege
To grant the Oracle cache administration user the minimum set of privileges required
to perform cache operations: On Oracle Database, run the SQL*Plus script
grantCacheAdminPrivileges.sql
in the
timesten_home
/install/oraclescripts
directory
as the SYS
user.
See Grant Privileges to the Oracle Database Users in Oracle TimesTen In-Memory Database Cache Guide.
TimesTen Cache Administration User Privilege
The required privilege for the TimesTen cache administration user is the
CACHE_MANAGER
system privilege, enabling the user to perform necessary
cache group operations.
A TimesTen cache administration user must have the
CACHE_MANAGER
privilege to perform the initial load of a read-only
cache group or to change the state of autorefresh on a read-only cache group. (The
initial load implicitly alters the state of the cache group autorefresh from paused to
on.)
For a complete list of individual cache group operation privileges, see Required Privileges for Cache Operations in Oracle TimesTen In-Memory Database Cache Guide.
This grants the CACHE_MANAGER
privilege to pat
:
Command> GRANT CACHE_MANAGER TO pat;
Note:
An asynchronous writethrough (AWT) cache group combines both cache groups and
replication. The CACHE_MANAGER
privilege provides all of the
privileges needed for creating AWT cache groups.
Privileges for Other Cache Users
Certain cache group privileges are requires for other users (non-administrative users).
Non-Administrative Cache Users
Operations on a cache group or a cache table, such as loading a cache group or updating a cache table, can be performed by any TimesTen user who has sufficient privileges.
Note that for these users, there must also be a corresponding Oracle Database user with the same name who has privilege to select from and update the cached Oracle Database tables.
See Create the TimesTen Users and Grant Privileges to the TimesTen Users in Oracle TimesTen In-Memory Database Cache Guide.
Cache Group System Privileges
Cache group system privileges enable a user to operate on cache group objects across the database.
-
To create a cache group, a user must be granted either the
CREATE CACHE GROUP
orCREATE ANY CACHE GROUP
system privilege. In addition, the user must be granted either theCREATE ANY TABLE
orCREATE TABLE
privilege to create any underlying cache tables, depending on whether the table is owned by the user. -
To drop or alter a cache group that is not owned by the user, the user must be granted the
DROP ANY CACHE GROUP
orALTER ANY CACHE GROUP
privilege as applicable. In addition, the user must be granted theDROP ANY TABLE
privilege to drop any underlying cache tables if the tables are not owned by the user.
For example, the following confers the privilege for a user to alter any cache group in the database:
Command> GRANT ALTER ANY CACHE GROUP TO pat;
These cache group system privileges are for operations on objects not owned by the user:
-
FLUSH ANY CACHE GROUP
-
LOAD ANY CACHE GROUP
-
UNLOAD ANY CACHE GROUP
-
REFRESH ANY CACHE GROUP
Cache Group Object Privileges
Object privileges for cache group operations enable a user to perform a particular operation on a particular cache group that the user does not own.
These are the available cache group object privileges:
-
FLUSH
-
LOAD
-
UNLOAD
-
REFRESH
This example grants pat
the cache group object privilege to perform a FLUSH
on the cache group cachegrp
that is owned by terry
:
Command> GRANT FLUSH ON terry.cachegrp TO pat;
See Methods for Transmitting Changes Between TimesTen and Oracle Databases in Oracle TimesTen In-Memory Database Cache Guide.