In Oracle Database releases 11.2.0.4 and 12c this error (ORA-28405) will be generated, the reason behind that is that Oracle imposed extra restrictions when you grant secure OR password protected role to a normal role OR (password protected role).

****** To simulate this:

connect / as sysdba

SQL>create role RL1 identified by hello23;

SQL>grant create session to RL1;

SQL>create role RL2 identified by bye246;

SQL>grant create session to RL2;

SQL>grant RL1 to RL2;

ORA-28405 Cannot Grant Secure Role To Another Secure Role

There is a workaround solution which is to set parameter _grant_secure_role = true

SQL> alter system set “_grant_secure_role”=true scope=spfile;