Database Reference
In-Depth Information
There is another reason why we may want our application inner class in an ancillary outer class.
There is some concern because inner classes have access to the private members of their outer,
containing classes. So having the application inner class in an ancillary outer class would be potentially
less sensitive than having the inner class in the core application class.
The inner class can also be placed inside a method, instead of in the main class body. Generally,
inner classes that are defined within methods are given a “$1” style marker in the middle of their class
name. You can see that when examining the compiled class names.
Get Application Authentication Connection and Role
We should always be on the lookout to make using security easier for developers. With that in mind, we
are going to combine into a single step, what had previously been a couple steps that asked our
developers to implement separately. Up to this point we have asked our developers to, at a minimum,
set their application context, then get an application connection and finally call Oracle Database to set
their secure application role. We are still going to have the developers set their application context, but
we are going to combine the request for an application connection with the request to get the secure
application role. We will do this with a new method,
getAAConnRole()
shown in Listing 10-56.
When we call
getAAConnRole()
, we will have an
OracleConnection
returned to us, and the
connection will already have the secure application role set. This new method takes the same arguments
that we were providing to the
getAppAuthConn()
method.
Listing 10-56.
Get Application Authentication Connection and Role, getAAConnRole()
public static OracleConnection getAAConnRole( String instance, String userName ) {
OracleConnection mConn = null;
OracleCallableStatement stmt = null;
try {
mConn =
getAppAuthConn
( instance, userName );
// If mConn is null, probably did not send twoFactorAuth
if( null == mConn ) return mConn;
int errNo;
String errMsg;
stmt = ( OracleCallableStatement )mConn.prepareCall(
"CALL appsec.
p_check_role_access
(?,?,?)" );
stmt.registerOutParameter( 2, OracleTypes.NUMBER );
stmt.registerOutParameter( 3, OracleTypes.VARCHAR );
stmt.setString( 1,
applicationID
);
stmt.setInt( 2, 0 );
stmt.setNull( 3, OracleTypes.VARCHAR );
stmt.executeUpdate();
errNo = stmt.getInt( 2 );
errMsg = stmt.getString( 3 );
//System.out.println( "DistribCd = " + errMsg );
if( errNo != 0 ) {
System.out.println( "Oracle error 1) " + errNo + ", " + errMsg );
} else if( twoFactorAuth.equals( "" ) ) {
System.out.println( "Call again with two-factor code parameter" );
}
} catch ( Exception x ) {
x.printStackTrace();
} finally {
