Database Reference
In-Depth Information
Then compile the class again. From the Chapter11 directory, execute:
javac orajavsec/OracleJavaSecure.java
Run Main to Test
Now we will run
OracleJavaSecure
at least five more times. You must run this as an OS (Windows) user
whose matching Oracle user has been granted the
appver_admin
role: your equivalent of
OSADMIN
. The
first time, we will generate a two-factor authentication code. The results will look like this:
Chapter11>java orajavsec.OracleJavaSecure
Main encodes a new APPVER password if given.
After encoding, paste encoded string
in setAppVerConnection method.
You may enter APPVER password on command line.
Domain: ORGDOMAIN, Name: OSADMIN
Please rerun with 2-Factor Auth Code!
We should either receive that code by two-factor authentication code distribution, or find it by
querying the
appsec.v_two_fact_cd_cache
view on the
apver
instance. You will not be able to connect as
appsec
user to see that view, because we expired the
appsec
password; but you can select from the view
as
SYS
user.
Then we execute the same command with the two-factor authentication code as a parameter on the
command line:
Chapter11>java orajavsec.OracleJavaSecure 1234-5678-9012
Main encodes a new APPVER password if given.
After encoding, paste encoded string
in setAppVerConnection method.
Domain: ORGDOMAIN, Name: OSADMIN
connsHash.size = 0
connsHash.size = 0
Domain: ORGDOMAIN, Name: OSADMIN
2011-06-05 21:00:06
You can see that when we get the Oracle connections list for this application from the
apver
instance, the list is empty,
connsHash.size = 0
. We are able to insert connection strings into the list and
use them. Using one of the connection strings, we query the database to get the
SYSDATE
.
When we run this command again, we see that for a minute our
connsHash.size = 2
, and later
= 1
.
The first value is the number of connection strings in the list we get for this application from Oracle. The
second value is the number we have after calling
removeAppConnString()
. We immediately call
putAppConnString()
twice to add and overwrite the connection strings, and then we call
putAppConnections()
to store the list of two connection strings in Oracle for this application. We again
use one of them to get
SYSDATE
from Oracle.
Chapter11>java orajavsec.OracleJavaSecure 1234-5678-9012
Main encodes a new APPVER password if given.
After encoding, paste encoded string
in setAppVerConnection method.
Domain: ORGDOMAIN, Name: OSADMIN
connsHash.size = 2
connsHash.size = 1
Domain: ORGDOMAIN, Name: OSADMIN