CHAPTER 11

image

Secure Views

While APEX offers a number of controls to limit user access to its components, it offers few components to protect the data itself. That may seem like a shortcoming on the surface, but it is not. Protecting data at the application layer can be potentially short-sighted because it protects only that single avenue to the data. If developers spent all of their time building in controls to their APEX application to restrict what users could see, then users could circumvent those controls by accessing the data via another application or directly.

Thus, data is best secured at the database layer, not within the application. ...

Get Expert Oracle Application Express Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.