Database Reference
In-Depth Information
is the receipt and use of the
applicationID
argument as shown in Listing 10-10. We are not going to go
into the details of our call to our new procedures—you have seen similar calls before.
Listing 10-10.
Header for Method to distribute Two-Factor Code
private static String applicationID = null;
public static final String distribute2Factor( String osUser,
String applicationID
)
throws Exception
{
// Set class static member equal to what passed here from Oracle
OracleJavaSecure.applicationID = applicationID
;
Note
You can find the code just described, which you can see in Listing 10-10, in the file named
Chapter10/orajavsec/OracleJavaSecure.java.
One change that might go unnoticed is suggested by our setting of the static class member,
applicationID
, from what we receive in this procedure. In the last chapter, we had a small issue with the
twoFactorAuth
member: we generated it in the
distribute2Factor()
method, used it there and handed it
to the
distribToSMS()
,
distribToPagerURL()
, and
distribToEMail()
methods. Additionally, we entered it
on the command line in the client, handed it to our secure application role procedure, and eventually
handed it to the
f_is_cur_cached_cd
function. Thus, we had two different points of entry—this will
continue. The problem is that we had two different references for the same thing in
OracleJavaSecure
;
that is unneeded, because we can call it the same thing whether generated on Oracle database for
distribution or entered on the client for return to Oracle database for testing. It is in our benefit to move
that member to a static class member and have a standard location to refer to. Then we can stop passing
it from method to method and just refer to it locally in each method.
We have a couple more static class members that we will similarly put to use in this chapter, the first
of which is coming into play here in the
distribute2Factor()
method. You can see that we pass the
applicationID
to this method and use it to set a static class member. We will refer to this in many places,
and be thankful we don't have to list it in method arguments and pass it around from method to
method.
We pass
applicationID
into the
distribute2Factor()
method because this is the first Java method
called on the Oracle database. On the client side, the
applicationID
is entered by the user and passed to
OracleJavaSecure
from the specific application that is using our services. We will discuss that process
later in this chapter.
Update to Two-Factor Distribution Formats
Now, because we will be sending two-factor authentication codes to the user for multiple applications,
we will have to identify them in the messages we send. We will use the application ID to identify what
app the code is used for. We will place the words “for APPID” on the Subject line and in the message
body, where “APPID” is the specific application ID we are referencing. Here is an example.
From:
response@org.com
