Database Reference
In-Depth Information
Compile and Run as Administrative User, OSADMIN
In the code of
TestOracleJavaSecure.main()
, we have three attempts to connect to Oracle database
before we try to get encrypted data. We attempt to do these things
•
Call
getAppConnections()
to do key exchange and get the list of connection strings
for this application.
Call
putAppConnections()
to update the list of connection strings in Oracle.
•
•
Call
getAAConnRole()
to decode and use a connection string to get a
Connection.
We are going to compile and run
TestOracleJavaSecure
as an administrative user (a user with the
appver_admin
role,
OSADMIN
in our example—probably your OS user ID.) We start out running this
application without a 2-factor authentication code. Here are the commands and results:
Chapter11>javac testojs/TestOracleJavaSecure.java
Chapter11>java testojs/TestOracleJavaSecure
Domain: ORGDOMAIN, Name: OSADMIN
Please rerun with 2-Factor Auth Code!
java.lang.
NullPointerException
Please rerun with 2-Factor Auth Code!
The call to
putAppConnections()
reports a
NullPointerException
- we don't trap exceptions from
that administrative command as closely as we trap exceptions from methods being called by regular
client applications. The other attempts to connect to Oracle point out the need to return with a 2-factor
authentication code.
Let's run the code again with a bogus two-factor authentication code:
Chapter11>java testojs.TestOracleJavaSecure
123
Domain: ORGDOMAIN, Name: OSADMIN
Oracle error 21) 100, ORA-01403:
no data found
java.lang.NullPointerException
Oracle error 21) 100, ORA-01403:
no data found
Wrong or old 2-Factor code parameter
The same
NullPointerException
was reported by
putAppConnections()
, and the other two attempts
to connect to Oracle reported “no data found” error, which is what we get from a bad user or two-factor
authentication code. We also trap a
NullPointerException
in Listing 11-59 when we attempt to use the
Connection
coming from
getAAConnRole()
to get an Oracle
Statement
. If we got this far, it is our
understanding that we have provided a dubious two-factor authentication code, so we report the
problem and exit.
Listing 11-59.
Catch Incorrect Two-Factor Authentication Code
try {
mStmt =
conn.createStatement()
;
} catch( NullPointerException n ) {
System.out.println( "Wrong or old 2-Factor code parameter" );
return;
}