Chapter Review

So, what have we got working so far? This whirlwind description will attempt to cover the secure programming ground traversed by this test application, TestOracleJavaSecure.

We call the TestOracleJavaSecure class without a two-factor authentication code for starts. The test application sets its application context in OracleJavaSecure by passing its inner class and application ID. Then (in a standard run mode) the test app calls OracleJavaSecure.getAAConnRole().

Behind the scenes, in OracleJavaSecure, we proxy connect to Oracle Database as the OS user, proxying through the Oracle appver user. Initially, the login trigger for the appver schema checks to assure that the OS user is a valid Oracle user.

Once connected to Oracle database ...

Get Expert Oracle and Java Security: Programming Secure Oracle Database Applications with Java now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.