What is the difference between USER() and SYS_CONTEXT('USERENV','CURRENT_USER')?

oracle plsql oracle10g oracle11g
Andrew Martinez picture Andrew Martinez · Jun 12, 2012 · Viewed 42k times · Source

In an Oracle Database, what are the differences between the following:

  • user()
  • sys_context('USERENV', 'CURRENT_USER')
  • sys_context('USERENV', 'SESSION_USER')

Are these also possible related values to whatever 'the current user' is?

  • sys_context('USERENV', 'CURRENT_SCHEMA')
  • sys_context('USERENV', 'AUTHENTICATED_IDENTITY')

I am specifically interested in which ones can change, what can change them, which ones can not change value, which ones have different values based on connection type, and which one(s) is(are) always the schema used to log into the database.

In most of my testing the values are always the same. The only exception would be when running the following to alter 'CURRENT_SCHEMA':

alter session set current_schema=<SCHEMA>

Doing following results in an error:

alter session set current_user=<USER> --even as sys/system, which is good I suppose

So there is some kind of security/rules around all of this. However there must be some reason behind having a SESSION_USER and a CURRENT_USER. I also suppose user() could be a shortcut to sys_context('USERENV', 'CURRENT_USER'), but I could find no documentation on the matter.

Answer

a_horse_with_no_name picture a_horse_with_no_name · Jun 12, 2012

From the manual at: http://docs.oracle.com/cd/E11882_01/server.112/e26088/functions184.htm#SQLRF51825

CURRENT_USER

The name of the database user whose privileges are currently active. This may change during the duration of a session to reflect the owner of any active definer's rights object. When no definer's rights object is active, CURRENT_USER returns the same value as SESSION_USER. When used directly in the body of a view definition, this returns the user that is executing the cursor that is using the view; it does not respect views used in the cursor as being definer's rights.

SESSION_USER

The name of the database user at logon. For enterprise users, returns the schema. For other users, returns the database user name. This value remains the same throughout the duration of the session.

So there is a difference between SESSION_USER and CURRENT_USER especially when CURRENT_USER is used in a stored procedure or function.

I have to admit that I don't know what the term "enterprise user" means though.

Btw: there is a third one:

SESSION_USERID

The identifier of the database user at logon.

Related questions

Oracle PL/SQL string compare issue

I have the following Oracle PL/SQL codes that may be rusty from you guys perspective: DECLARE str1 varchar2(4000); str2 varchar2(4000); BEGIN str1:=''; str2:='sdd'; IF(str1<>str2) THEN dbms_output.put_line('The two strings is …

Read More
How to use Oracle global temporary table?

I am attempting to use an Oracle global temporary table without physically creating a table in the database. The following code is not working. Can someone please explain the proper way to use global temporary tables? declare global temporary table …

Read More
Different behavior for REF CURSOR between Oracle 10g and 11g when unique index present?

Description I have an Oracle stored procedure that has been running for 7 or so years both locally on development instances and on multiple client test and production instances running Oracle 8, then 9, then 10, and recently 11. It has worked consistently until the …

Read More