Database Reference
In-Depth Information
System.out.println( rSet.getString( 1 ) );
Notice that the key values we use to select a specific application connection are the instance name
and the user name. These are two of the same values we provided when we called
putAppConnString()
.
Once we get the connection, we can use it to query Oracle database.
Use or Lose Initial Application Verification Connection
Both
getAppConnections()
and
putAppConnections()
do their work using an
appver
user connection. This
is an important point. In establishing the
appver
connection, we have exchanged encryption keys that
are specific for that connection. We will retain sufficient vestiges of those keys in order to continue to
decrypt the connection strings in
connsHash
; however, once we have connected to a different Oracle user
for this specific application and exchanged keys for that connection, we will no longer be able to call
putAppConnections()
using the previous
appver
connection. In other words, we need to run
putAppConnections()
before using any of the connections returned by
getAppConnections()
.
We make another call to
putAppConnections()
in our test code, and it will fail because we already
built and used an application connection. The connection to Oracle database as
appver
user is no longer
available—we only retained the decryption keys associated with that session.
Get an Application Connection and the Associated Secure
Application Role
After we get an application connection from our call to
getAppAuthConn()
, we want to get the secure
application role associated with this application. Instead of calling
p_check_hrview_access
to get that
specific application role, we call our generic
p_check_role_access
procedure, which grants us the secure
application role that is associated with our application ID. In Listing 10-53, notice that we pass the
application ID as parameter number 1.
Listing 10-53.
Get and Application Connection and Set the Application Role
int errNo;
String errMsg;
getAppAuthConn( "orcl", "appusr" )
;
stmt = ( OracleCallableStatement )conn.prepareCall(
"CALL appsec.
p_check_role_access
(?,?,?)" );
stmt.registerOutParameter( 2, OracleTypes.NUMBER );
stmt.registerOutParameter( 3, OracleTypes.VARCHAR );
stmt.setString( 1, OracleJavaSecure.applicationID )
;
stmt.setInt( 2, 0 );
stmt.setNull( 3, OracleTypes.VARCHAR );
stmt.executeUpdate();
errNo = stmt.getInt( 2 );
errMsg = stmt.getString( 3 );
System.out.println( "DistribCd = " + errMsg );
if( errNo != 0 ) {
System.out.println( "Oracle error 1) " + errNo + ", " + errMsg );
}
else if( twoFactorAuth.equals( "" ) )
{
System.out.println( "Call again with two-factor code parameter" );
} else {
if( null != stmt ) stmt.close();
