Database Reference
In-Depth Information
cipherDES.doFinal
(
(cryptConnsHash.get( key )).getBytes()
)
)
);
}
That syntax for storing our decrypted connection keys looks a bit complex, but we are simply
putting a new entry in the
clearConnsHash
using the key we got in this pass through the for each loop and
a new
String
. The new
String
is derived from the bytes we got back from decrypting the value associated
with this same key in the former
cryptConnsHash
.
Store the connsHash for this Application
We will use a now-familiar process to get a byte array from the
clearConnsHash HashMap
. This is shown in
Listing 10-34.
Listing 10-34.
Get Byte Array of List of Connection Strings
ByteArrayOutputStream baos = new ByteArrayOutputStream();
ObjectOutputStream oout = new ObjectOutputStream( baos );
oout.writeObject( clearConnsHash )
;
oout.flush();
oout.close();
byte[]
connsHashBytes = baos.toByteArray()
;
baos.close();
The final step in
setDecryptConns()
is to store the new
connsHash
in the
v_app_conn_registry
view.
We do that by passing the byte arrays for our application ID class and the
clearConnsHash
to the
p_set_class_conns
procedure in Listing 10-35. This is another of our procedures that handles the
connsHash
as a
BLOB
. In Oracle Database 11g, we are able to get and set
BLOBs
from Java using the
Statement.getBytes()
and
.setBytes()
methods.
Listing 10-35.
Store List of Connection Strings in Oracle
// NOTE: handling BLOBs with getBytes and setBytes is new to Oracle Database 11g
stmt = ( OracleCallableStatement )conn.prepareCall(
"CALL appsec.appsec_only_pkg.p_set_class_conns(?,?,?,?)" );
stmt.setString( 1, className );
stmt.setString( 2, classVersion );
stmt.
setBytes( 3, appClassBytes )
;
stmt.
setBytes( 4, connsHashBytes )
;
stmt.executeUpdate();
Oracle Procedure to Set Values in the Application Registry
The
p_set_class_conns
procedure has three sections. This is shown in Listing 10-36. The first gets a
count of records that already exist with the specific class name and version number. If there are 0, we
will insert a new record in the second section; and if 1, we will update the existing record in the third. In