Database Reference
In-Depth Information
There is also one method that we haven't yet put to use: removeAppConnString() . It is our intent to
someday implement that from the OJSAdmin application. OJSAdmin resides in the orajavsec package, just
like the OracleJavaSecure class. So to make removeAppConnString() visible to OJSAdmin , we will change
the access modifier to default (package).
Single Oracle Instance Code
If you did not create a second Oracle instance to run the appver processes separately, then you need to
run the code in Chapter12single . Execute all the scripts and commands listed in the last section, except
there is no ApverSys.sql script. One example of the names for the scripts you will use is
Chapter12single/OrclSecAdm.sql .
You will edit and compile the Java code similarly as well, except you will compile and run the code
in the Chapter12single directory.
Bootstrap OJSAdmin
We need a way to get the security administration interface, OJSAdmin started. We will be able to get all
future applications started by using OJSAdmin , but for OJSAdmin itself, we are going to take a couple steps
to bootstrap the application. Did you realize we have been bootstrapping our applications this whole
time, from Chapter 7 through Chapter 11? That's right, when we ran each application with a couple calls
to putAppConnString() and another call to putConnections() , we were priming the pump and getting the
application engine started with those password strings. The call to putConnections() entered a record in
the appsec.v_app_conn_registry table that we could use from then on.
After our discussion of the register new application, RegNewApp functional screen, you can conclude
that getting a new application registered has become more complex in just this chapter. Part of that
complexity is for enhanced security - only allowing certain administrators to modify connection strings
for certain applications. And part of it is for allowing this Security Administration Interface to manage
multiple applications; and even more, to become those applications in order to edit associated
connection strings.
It is no longer the case that just inserting a record into v_app_conn_registry is sufficient to register
an application; however, that is the most significant step. Now we must designate an administrator for
the application in v_application_admin and we must associate the application ID with the application
inner class name in v_app_class_id . We have always needed an entry in the v_application_registry
table that associates a secure application role to a specific application ID and application user.
For the OJSAdmin class, Security Administration Interface, we have entered a number of those data
elements from the scripts. We have an entry in v_application_registry on both orcl and apver
instances. We inserted those records independently into v_application_registry on orcl and apver , but
in the future we will make inserts on apver , and they will be automatically inserted in orcl by means of
the insert trigger. We have also made entries in both v_application_admins and v_app_class_id for the
OJSAdmin application. Now all we need is an entry in v_app_conn_registry , which will include our
application inner class and a list of connection strings (starting out empty).
We are going to call on the facility of our Register New Application functional screen to get the entry
into v_app_conn_registry . This is where we experience the chicken or egg quandary (by the way, the
chicken came first). In this case, we need to acquire a connection string from v_app_conn_registry
before we can use Register New Application. At the same time, we want to use Register New Application
to insert the initial (blank) list of connection strings into v_app_conn_registry .
As we have in the preceding chapters, we are going to bootstrap the application connection list. In
Chapter 12, we need to do that in two steps. As before, to bootstrap the application, we place a
connection string in memory on the client application by calling putAppConnString() . We do that in the
 
Search WWH ::




Custom Search