Summary
In this chapter, you learned about the security principles of least privilege and defense in depth. You looked at various ways of mapping an application end user to a database user for authentication purposes and each method’s pros and cons. You examined proxy authentication (a JDBC OCI driver feature as of Oracle 10g Release 1 also known as n-tier authentication) in detail, and you learned how this technique can elegantly solve the problems of authentication and password management for a web application. The proxy authentication feature allows the middle tier to authenticate itself to the database on behalf of an end user database account without supplying the end user database account’s password. You also learned how auditing captures the end user identity as well as the proxy user identity.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
Rights and permissions
Copyright information
© 2005 R. M. Menon
About this chapter
Cite this chapter
(2005). Security-Related Issues. In: Expert Oracle JDBC Programming. Apress. https://doi.org/10.1007/978-1-4302-0029-1_15
Download citation
DOI: https://doi.org/10.1007/978-1-4302-0029-1_15
Publisher Name: Apress
Print ISBN: 978-1-59059-407-0
Online ISBN: 978-1-4302-0029-1
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books