Access Oracle Database as Our Identified User

Oracle JDBC transmits a number of identity characteristics from the client to the server. Among these are the OS user ID, the IP address and in certain cases the terminal (client computer) name. We can query these items and use them for validation. Additionally, we can pass identity information to Oracle database, and we can assume a valid alternate identity and use the connected identity as a proxy.

All of these aspects of identity, when appropriately set, allow us to authorize access, and as importantly, to audit access to data. We want to know, monitor, and report who did what.

Examine the Oracle SSO Options for Programmers

Let's examine some of our options at this point. I am going to limit the ...

Get Expert Oracle and Java Security: Programming Secure Oracle Database Applications with Java now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.