Database Reference
In-Depth Information
Template for Java Calls to Application Security
We will also provide our application developers with a template Java file. Each developer will search and
replace the generic names for schema, table, procedure etc. to whatever names are appropriate in their
application.
Note
You can find the Java code for the
AppAccessSecure
template class in the file
Chapter7/
AppJavaTemplate.java
.
This file bears strong resemblance to our test code for the structures in the
HR
schema,
TestOracleJavaSecure.java
. It consists of a
main()
method that establishes an Oracle connection and calls
the application structures that the developer will define in the application schema.
Perhaps this will be the most intimidating code for your application developers because of the bulk
required to do key exchange. You are the expert now, so you will do well to give your application
developers some assistance. In fact, it will save you some headaches down the road if you can assist the
developers in implementing this correctly, and avoiding any security weaknesses, like we did with the
HR.EMPLOYEES
table.
Java Archive for Use by Applications
In addition to providing your developers with the two template files, you need to give them the
orajavsec/OracleJavaSecure.class
file. I recommend that you do not give developers the
OracleJavaSecure.java
code file, just to assure yourself that no modified version of the class is in use in
your organization.
Probably the best form to use to distribute the class file is in the form of a Java archive (JAR) file. To
create an appropriate jar file for distribution, you can run the JAR Tool that comes with the JDK. If your
PATH
and
CLASSPATH
are still set as described in Chapter 2, you can get a command prompt window and
change directory to the
Chapter7
directory. From there, execute this command:
jar cvf orajavsec.jar orajavsec/OracleJavaSecure.class
This will create a file named
orajavsec.jar
in the current directory. Distribute this file and instruct
your application developers to place this file name in their
CLASSPATH
both during development and
when their application code is run.
Don't Stop Now
With templates in hand, we are at a point where we can bring Oracle application developers into the
encrypted data over the network fold, and you would do well to take one of your applications and
configure it to use these structures and approaches, to blaze the way. But this is only a half-way house
for security respite. We are going to introduce some powerful concepts in the following chapters that will
entice your application developers to hang with the program. Stepping into secure application
development and operation is like getting your life back. Security is a sense of well-being. It requires
work, but with the work, you determine your own secure computing destiny.