Database Reference
In-Depth Information
There is also one method that we haven't yet put to use:
removeAppConnString()
. It is our intent to
someday implement that from the
OJSAdmin
application.
OJSAdmin
resides in the
orajavsec
package, just
like the
OracleJavaSecure
class. So to make
removeAppConnString()
visible to
OJSAdmin
, we will change
the access modifier to default (package).
Single Oracle Instance Code
If you did not create a second Oracle instance to run the
appver
processes separately, then you need to
run the code in
Chapter12single
. Execute all the scripts and commands listed in the last section, except
there is no
ApverSys.sql
script. One example of the names for the scripts you will use is
Chapter12single/OrclSecAdm.sql
.
You will edit and compile the Java code similarly as well, except you will compile and run the code
in the
Chapter12single
directory.
Bootstrap OJSAdmin
We need a way to get the security administration interface,
OJSAdmin
started. We will be able to get all
future applications started by using
OJSAdmin
, but for
OJSAdmin
itself, we are going to take a couple steps
to bootstrap the application. Did you realize we have been bootstrapping our applications this whole
time, from Chapter 7 through Chapter 11? That's right, when we ran each application with a couple calls
to
putAppConnString()
and another call to
putConnections()
, we were priming the pump and getting the
application engine started with those password strings. The call to
putConnections()
entered a record in
the
appsec.v_app_conn_registry
table that we could use from then on.
After our discussion of the register new application,
RegNewApp
functional screen, you can conclude
that getting a new application registered has become more complex in just this chapter. Part of that
complexity is for enhanced security - only allowing certain administrators to modify connection strings
for certain applications. And part of it is for allowing this Security Administration
Interface to manage
multiple applications; and even more, to become those applications in order to edit associated
connection strings.
It is no longer the case that just inserting a record into
v_app_conn_registry
is sufficient to register
an application; however, that is the most significant step. Now we must designate an administrator for
the application in
v_application_admin
and we must associate the application ID with the application
inner class name in
v_app_class_id
. We have always needed an entry in the
v_application_registry
table that associates a secure application role to a specific application ID and application user.
For the
OJSAdmin
class, Security Administration Interface, we have entered a number of those data
elements from the scripts. We have an entry in
v_application_registry
on both
orcl
and
apver
instances. We inserted those records independently into
v_application_registry
on
orcl
and
apver
, but
in the future we will make inserts on
apver
, and they will be automatically inserted in
orcl
by means of
the insert trigger. We have also made entries in both
v_application_admins
and
v_app_class_id
for the
OJSAdmin
application. Now all we need is an entry in
v_app_conn_registry
, which will include our
application inner class and a list of connection strings (starting out empty).
We are going to call on the facility of our Register New Application functional screen to get the entry
into
v_app_conn_registry
. This is where we experience the chicken or egg quandary (by the way, the
chicken came first). In this case, we need to acquire a connection string from
v_app_conn_registry
before we can use Register New Application. At the same time, we want to use Register New Application
to insert the initial (blank) list of connection strings into
v_app_conn_registry
.
As we have in the preceding chapters, we are going to bootstrap the application connection list. In
Chapter 12, we need to do that in two steps. As before, to bootstrap the application, we place a
connection string in memory on the client application by calling
putAppConnString()
. We do that in the