Database Reference
In-Depth Information
String checkReturn = stmt.getString( 1 );
if( ! checkReturn.equals( okReturnS ) )
System.out.println( checkReturn );
} catch ( Exception x ) {
x.printStackTrace();
} finally {
try {
if ( null != stmt )
stmt.close();
} catch ( Exception y ) {}
}
}
We perform this same operation both on our application inner class, appClass , and the connsHash
HashMap object, which also implements Serializable (as do the String keys and RAW values held by
connsHash ).
We submit our application class and connsHash to Oracle Database as byte arrays. We send them to
the f_set_decrypt_conns Java stored procedure (function). That function merely calls Java on the Oracle
database side, passing these objects to the setDecryptConns() method on the Oracle database, discussed
in detail in the sections that follow.
Save Connection Strings from the Server Perspective
On the Oracle database side, we go through a rather elaborate process in order to get the connsHash table
of connection strings into the shape we want before storing them. You see, when we submit them to
Oracle, they are encrypted with the secret password key that is unique to this session. If we were to store
them as is, we could never decrypt them after this session closes; so we will decrypt them before storage
on Oracle database. We will explore and apply encryption to data on disk when we get to Chapter 11.
The decryption process, however, is preceded by an equally elaborate process to assure that the
application class being submitted is appropriate for either overwriting an existing entry in the registry, or
inserting a new one.
Function to Call Java to Decrypt the List of Connection Strings
From the client, we call a Java stored procedure, f_set_decrypt_conns on Oracle Database to deliver the
connections HashMap . f_set_decrypt_conns simply passes the objects to our Java code on the Oracle
database for processing. Java stored procedures can be seen simply as a doorway to pass data through,
and a call to methods in Java on the Oracle database. We add this function to a new package,
appsec_public_pkg , see Listing 10-25.
Listing 10-25. Function Call to Decrypt List of Connection Strings, f_set_decrypt_conns
CREATE OR REPLACE PACKAGE BODY appsec.appsec_public_pkg IS
FUNCTION f_set_decrypt_conns(
class_instance RAW, connections RAW )
RETURN VARCHAR2
AS LANGUAGE JAVA
NAME 'orajavsec.OracleJavaSecure.setDecryptConns( oracle.sql.RAW, oracle.sql.RAW ) return
java.lang.String';
 
Search WWH ::




Custom Search