I’m working with secure application roles to grant access to users. In its dumbest

Question

0

Asked: May 27, 20262026-05-27T14:23:06+00:00 2026-05-27T14:23:06+00:00

I’m working with secure application roles to grant access to users. In its dumbest

0

I’m working with secure application roles to grant access to users. In its dumbest form, it looks like that:

create or replace package body main_user.PACK_SAR is
procedure grant_role is
begin
    dbms_session.set_role('TEST_ROLE');
end;
end PACK_SAR;

The package is in authid current_user, as it should be.
The role and user are configured as follow:

create role test_role identified using pack_sar;
grant select on task to test_role;

create user test_user identified by a;
grant create session to test_user;
grant execute on pack_sar to test_user;

Then I login with my test_user, call the procedure and everything is fine:

execute main_user.pack_sar.grant_role;
select * from main_user.task;
[... data from the task table ...]

But now I would like to use my test user with SQL*Loader, so I thought I’m going to do the procedure call in an after logon trigger:

create or replace trigger test_user.after_logon
after logon on test_user.schema
begin
    main_user.pack_sar.grant_role;
end;

But this does not seem to do anything, I don’t get the role after login… Is there any way to do something like this? Or is using secure application roles within SQL*Loader impossible?

Thanks in advance for any idea.