Access Oracle Database as Our Identified User
Oracle JDBC transmits a number of identity characteristics from the client to the server. Among these are the OS user ID, the IP address and in certain cases the terminal (client computer) name. We can query these items and use them for validation. Additionally, we can pass identity information to Oracle database, and we can assume a valid alternate identity and use the connected identity as a proxy.
All of these aspects of identity, when appropriately set, allow us to authorize access, and as importantly, to audit access to data. We want to know, monitor, and report who did what.
Examine the Oracle SSO Options for Programmers
Let's examine some of our options at this point. I am going to limit the ...
Get Expert Oracle and Java Security: Programming Secure Oracle Database Applications with Java now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.