Database Reference
In-Depth Information
Listing 10-60.
Call to Get Application Connection with Role
OracleConnection conn =
OracleJavaSecure.getAAConnRole( "orcl", "appusr" );
See the Proxy Connection
Now that we have our connection, let's see how we have been identified by Oracle database. There are a
number of Oracle
SYS_CONTEXT
settings that we can query. We will query and display those having to do
with our identity in Listing 10-61.
Listing 10-61.
View the Proxy Connection Settings
mStmt = conn.createStatement();
rSet = mStmt.executeQuery( "SELECT SYS_CONTEXT( 'USERENV', 'OS_USER' )," +
"SYS_CONTEXT( 'USERENV', 'PROXY_USER' ),SYS_CONTEXT( 'USERENV', 'IP_ADDRESS' ),"+
"SYS_CONTEXT( 'USERENV', 'SESSION_USER' ), "+
"SYS_CONTEXT( 'USERENV', 'CLIENT_IDENTIFIER' ) " +
"FROM DUAL" );
if ( rSet.next() ) {
System.out.println( rSet.getString( 1 ) );
System.out.println( rSet.getString( 2 ) );
System.out.println( rSet.getString( 3 ) );
System.out.println( rSet.getString( 4 ) );
System.out.println( rSet.getString( 5 ) );
}
rSet = mStmt.executeQuery( "SELECT * FROM sys.session_roles" );
if ( rSet.next() ) {
System.out.println( rSet.getString( 1 ) );
}
Get Encrypted Data from Oracle
Finally, we will call our standard demonstration stored procedure,
p_select_employees_sensitive
. This
requires additional encryption key exchange with the connection listed in the
connsHash
. The call is
shown in Listing 10-62. Our first encryption keys that we exchanged for the
appver
connection cannot be
reused with a different Oracle connection, as
appusr
for instance.
Listing 10-62.
Call to Get Sensitive Employees Data
String locModulus = OracleJavaSecure.getLocRSAPubMod();
String locExponent = OracleJavaSecure.getLocRSAPubExp();
stmt = ( OracleCallableStatement )conn.prepareCall(
"CALL hr.hr_sec_pkg.
p_select_employees_sensitive
(?,?,?,?,?,?,?,?,?)" );
...
