There is a basic mismatch between
- the functionality provided by roles and
- the way stored procedures are compiled.
Stored procedures are created by a particular user and executed by many other users.
Once it is created, a stored procedure is not modified at runtime.
Roles can be changed at runtime and this can create a problem for a stored procedure, because the characteristics of a stored procedure are not allowed to change at runtime.
Because of this, Oracle can not allow a stored procedure to use the security granted by roles at runtime.
Oracle does not allow any privileges granted by roles to be associated with a stored procedure.
A stored procedure only has the object privileges
directly granted to the schema that contains the procedure.