Chapter 4: Connection Pools and Proxy Authentication

Previous page
Table of content
Next page

Overview

In this chapter, you’ll explore identification and authentication (I&A) examples as related to Oracle. Our discussion begins with a brief history of authentication strategies. To put today’s security environment in perspective, you’ll briefly explore the previous computing architectures: host-based systems, the use of operating system authenticated users, and the client-server I&A model.

Web applications have their own special set of security challenges and requirements. Among them is how to effectively connect application users to the database in a way that meets the high-throughput demands of the Web and preserves end-to-end security. The predominant connection technique used today relies on database connection pools. This chapter will introduce you to the concepts of connection pools and their wide uses today. You’ll see how two different types of Oracle connection pools can be used to achieve performance. However, if they’re not used correctly—if you don’t preserve the user’s identity—they can short circuit the database security.

The last half of the chapter shows the best technique for providing identity preservation with the connection pools. Preserving a user’s identity is a necessary step to enabling database security.


Previous page
Table of content
Next page
Effective Oracle Database 10g Security by Design
Effective Oracle Database 10g Security by Design
ISBN: 0072231300
EAN: 2147483647
Year: 2003
Pages: 111
Authors: David Knox, McGraw-Hill
BUY ON AMAZON
PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
Cisco CallManager Fundamentals (2nd Edition)
Programming Microsoft ASP.NET 3.5
What is Lean Six Sigma
Extending and Embedding PHP
Quantitative Methods in Project Management
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy