Chapter Review
So, what have we got working so far? This whirlwind description will attempt to cover the secure programming ground traversed by this test application, TestOracleJavaSecure.
We call the TestOracleJavaSecure class without a two-factor authentication code for starts. The test application sets its application context in OracleJavaSecure by passing its inner class and application ID. Then (in a standard run mode) the test app calls OracleJavaSecure.getAAConnRole().
Behind the scenes, in OracleJavaSecure, we proxy connect to Oracle Database as the OS user, proxying through the Oracle appver user. Initially, the login trigger for the appver schema checks to assure that the OS user is a valid Oracle user.
Once connected to Oracle database ...
Get Expert Oracle and Java Security: Programming Secure Oracle Database Applications with Java now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
