I was helping a colleague this morning, his name rhymes with Harold, and he was trying to get his Docker template for ORDS in order.
He had a series of questions, and while I was able to help him understand what was happening fairly quickly, I realized HIS questions looked an awful lot like some of YOUR questions.
So let’s go through them, and maybe this can help, and MAYBE we can try to incorporate some of this into the future ORDS Docs.
ORA-06598: insufficient INHERIT PRIVILEGES privilege
You are trying to REST Enable SYS a la
ORDS.ENABLE_SCHEMA(p_enabled => TRUE, p_schema => 'SYS' ...
This won’t work. It’s not possible to grant proxy connect to any Oracle account for the SYS schema. That’s one of the main things this call does, it allows the ORDS_PUBLIC_USER to do database work (your REST service call) AS the USER where the REST Service is defined.
Also, it would be extremely hazardous to REST Enable the SYS account. Your REST Service, if not coded and secured PERFECTLY, could be used to do very bad things, like…DROP a database.
404…The request could not be mapped to any database
The complete error you would see in the ORDS stack is
The request could not be mapped to any database. Check the request URL is correct, and that URL to database mappings have been correctly configured.
So when ORDS gets routed a request, it needs to ‘unwind’ the URL to see what exactly is being asked of it.
My friend was doing something similar to this –
The problem here is ORDS is saying, I can’t unwind that request on ‘/ords/orcl/hr/metadata-catalog’ to anything I can understand.
Here is one possible way to look at the URI on a HTTP request to ORDS:
If you have ORDS installed into your PDB (recommended), and that ORDS install is only servicing a single database, then the very first thing expected after the ords/ will be an alias for a REST enabled schema.
My friend was putting the DB Name after the /ords, hence that error message. You would only need to do that where you have multiple databases going for your ORDS configuration. In that scenario, you would follow the /ords with a /dbname.
Now, I would expect most folks would default that mapping pattern to the actual name of their database, but you can call it whatever you’d like. ORACLE-BASE has a nice set of instructions here.
I just lied a little bit there…you also need the db name after the /ords if you did a CDB (container) level install of ORDS, but that’s probably going to be much less common.
404 Not Found
In this case, ORDS knows what you want, but is saying there’s nothing there. You have a valid REST Enabled schema (test), but that’s it.
You need to ask for something IN ‘test’ – a REST enabled schema object, or a RESTful Service. If you get this message, ORDS is working, it’s just that you are requesting something that doesn’t exist.
By the way, if you have APEX configured, if you do a request similar to this, ORDS will redirect you to the APEX login vs giving you a 404.
So, how do I test if ORDS is ‘working?’
After REST enabling a schema, the easiest way to test ORDS is with the /metadata-catalog endpoint.
This brings back the inventory of REST Services in your REST enabled schema – in this case, HR.
But, then my friend ran into the NEXT question/problem.
This is a PROTECTED resource IF you do this when you REST enable your schema –
BEGIN ORDS.ENABLE_SCHEMA(p_enabled => TRUE, p_schema => 'HR', p_url_mapping_type => 'BASE_PATH', p_url_mapping_pattern => 'hr', p_auto_rest_auth => TRUE); -- TRUE means protect the catalog! COMMIT; END;
THIS = setting P_AUTO_REST_AUTH to ‘TRUE’. This ONLY protects the /metadata-catalog endpoint.
So, if I login/provide the proper credentials on the request…
Now if you have JUST done an install and REST enabled a schema and done NOTHING else, this call will work, but you’ll get an empty/null JSON collection back, because there’s nothing in the REST Services Catalog for that schema.
What do those funny Timestamp | asldfjalskdjfa messages mean on Error responses?
They are a STAMP that you can use to find the associated information in the ORDS standard out/Tomcat/WLS logs.
For example, let’s say I get a 500. Those logs can be HUGE. If I want to pinpoint where in the stack dump that is happening in the ORDS logs…
I’m sure you have more questions…you know what to do!
In case you don’t know, search in Google. And then if you can’t fine a good answer, I’m happy to take those here 🙂