Describe the use of Roles in Oracle.- Roles in Oracle mean granting privileges to a specific group of users for security. The database manager is usually responsible for granting privileges to a Role.
- Roles reduce the number of Grants that can be given.
- Selective enable and disable can be done.
- Privileges can be dynamically changed using a single GRANT or REVOKE.
- The CREATE ROLE statement is used to create a role, which is a set of privileges that can be granted to users or to other roles.
- The roles can be used to administer database privileges.
- Privileges can be added to a role and then grant the role to a user.
- The user can then enable the role and exercise the privileges granted by the role.
- A role contains all privileges granted to the role and all privileges of other roles granted to it.
- A new role is initially empty. By using the GRANT statement privileges can be added to the role.
- If a role is created that is NOT IDENTIFIED or is IDENTIFIED EXTERNALLY or BY password, then Oracle Database grants the role with ADMIN OPTION.
- However, if a role is created that is IDENTIFIED GLOBALLY, then the database does not grant you the role.