Database Reference
In-Depth Information
Scripts Execution and Code Compilation
If you have been running the code in the files in Chapter 12 as we've been discussing it, then you are
mostly through this section. You can skip down to where we discuss editing the Java code. Otherwise,
you need to execute the following scripts (note that there are some dependencies between them):
Execute
Chapter12/OrclSecAdm.sql
as the
secadm
user on the
orcl
instance (your primary database
instance). Change the passwords for both the
ojsaadm
and
avadmin
users before executing the script.
Execute
Chapter12/OrclSys.sql
as
SYS
on the
orcl
instance. Change the placeholder OS user ID,
osadmin
to your OS user ID or whoever is the primary application security administrator.
Execute
Chapter12/OrclHR.sql
as the
HR
schema user on the
orcl
instance.
Execute
Chapter12/OrclAppSec.sql
as the
appsec
user on the
orcl
instance.
Execute
Chapter12/ApverSys.sql
as
SYS
on the
apver
instance. Change the passwords for both the
ojsaadm
and
avadmin
users before executing the script.
Execute
Chapter12/OrclOJSAAdm.sql
as the
ojsaadm
user on the
orcl
instance. Change the password
for the
ojsaadm
user on the
apver
instance, in the database link before executing the script.
From the
Chapter12
directory, edit the code as listed here:
At the top of
orajavsec/OracleJavaSecure.java
, edit the values for
expectedDomain
,
comDomain
,
smtpHost
and
baseURL
. Also, insert the correct value for
prime
(the
encoded connection string for
appver
user on the
apver
instance) into place in the
setAppVerConnection()
method.
•
•
In
orajavsec/PickAppManage.java
, edit the paths to
javaw.exe
, your classes, and
ojdbc.jar
file that are used in the
Runtime.exec()
command in the
manageAppButton_actionPerformed()
method.
In
orajavsec/RegNewApp.java
, edit the password for the
avadmin
user in the default
constructor. Also, temporarily uncomment the calls to
putAppConnString()
and
putAppConnections()
.
•
Note
Having the
avadmin
password, and the calls to
putAppConString()
and
putAppConnections()
, in
RegNewApp.java
is only temporary. After bootstrapping
OJSAdmin
, discussed shortly, be sure to remove the
password and comment those method calls. Then recompile
OJSAdmin
.
Execute the following command to compile
OJSAdmin
and all related classes:
javac orajavsec/OJSAdmin.java
Finally, uncomment the command to
CREATE OR REPLACE AND RESOLVE JAVA SOURCE
at the top of
OracleJavaSecure.java
, and execute that code as a script on both the
orcl
instance (as
appsec
or
SYS
) and
the
apver
instance (as
SYS
).
Final Updates to OracleJavaSecure
There are several legacy methods that we used differently in earlier chapters:
getAppAuthConn()
and
three
setConnection()
methods. Initially we declared these methods to have
public
visibility, but now
we are using the
getAAConnRole()
public method to handle those calls. So we will change the access
modifiers for those legacy methods to be
private
.