List of Examples

• 2-1 Setting the Password Verifier
• 2-2 DBA Resets the Password with a Password Change Operation for User lwuser2 When Not Explicitly Attached to a Session
• 2-3 User lwuser2 Performs a Self Password Change that Fails When Explicitly Attached to a Session Because the Session Lacks the ALTER USER Privilege
• 2-4 A Self Password Change Succeeds When Explicitly Attached to a Session and User lwuser2's Session Has the ALTER USER Privilege
• 2-5 Configuring a Proxy Application User
• 2-6 Creating a Session and Switching an Application User
• 2-7 Creating a Regular Application Role
• 2-8 Creating a Dynamic Application Role
• 2-9 Setting Effective Dates for an Application User
• 2-10 Setting Effective Dates for an Application Role of an Application User
• 2-11 Creating a New Application User and Granting This User an Application Role
• 2-12 Granting an Application Role to an Existing Application User
• 2-13 Granting a Regular Application Role to Another Regular Application Role
• 2-14 Granting a Database Role to an Application Role
• 3-1 Creating an Application Session
• 3-2 Creating an Anonymous Application Session
• 3-3 Attaching an Application Session
• 3-4 Setting a Cookie for an Application Session
• 3-5 Assigning an Application User to an Application Session
• 3-6 Switching an Application User to Another Application User in the Current Application Session
• 3-7 Registering a Global Callback in an Application Session
• 3-8 Saving the Current User Application Session
• 3-9 Detaching and Committing an Application Session
• 3-10 Detaching and Not Committing an Application Session
• 3-11 Destroying an Application Session
• 3-12 Creating a Namespace Template
• 3-13 Initializing Namespaces When Creating an Application Session
• 3-14 Initializing Namespaces When Attaching an Application Session
• 3-15 Initializing Namespaces When Assigning an Application User to an Application Session
• 3-16 Initializing Namespaces When Switching an Application User in an Application Session
• 3-17 Initializing a Namespace Explicitly in an Application Session
• 3-18 Setting a Namespace Attribute for an Application Session
• 3-19 Getting a Namespace Attribute for an Application Session
• 3-20 Creating a Custom Namespace Attribute for an Application Session
• 3-21 Deleting a Namespace in an Application Session
• 3-22 Enabling a Role in an Application Session
• 3-23 Disabling a Role in an Application Session
• 4-1 Adding an Aggregate Privilege to a Security Class
• 4-2 Adding Implied Privileges to an Aggregate Privilege
• 4-3 Using ALL Grant
• 4-4 Showing Security Class Inheritance
• 4-5 Adding Parent Security Classes for a Specified Security Class
• 4-6 Removing One or More Parent Classes for a Specified Security Class
• 4-7 Adding One or More Application Privileges to a Security Class
• 4-8 Removing One or More Application Privileges from a Specified Security Class
• 4-9 Removing all Application Privileges for a Specified Security Class
• 4-10 Adding One or More Implied Application Privileges to an Aggregate Privilege
• 4-11 Removing a Specified Implied Application Privileges from an Aggregate Privilege
• 4-12 Removing all Implied Application Privileges from an Aggregate Privilege
• 4-13 Setting a Description String for a Specified Security Class
• 4-14 Deleting a Specified Security Class
• 4-15 Creating an Access Control List
• 4-16 Denying a Privilege
• 4-17 Inverting an Application Privilege
• 4-18 Setting ACE Start-Date and End-Date
• 4-19 Appending an ACE to an Access Control List
• 4-20 Removing all ACEs from an ACL
• 4-21 Modifying the Security Class for an ACL
• 4-22 Setting or Modifying the Parent ACL
• 4-23 Removing all ACL Parameters for an ACL
• 4-24 Removing the Specified ACL Parameter for an ACL
• 4-25 Setting a Description String for an ACL
• 4-26 Deleting an ACL
• 4-27 Extending ACL Inheritance
• 4-28 Constraining ACL Inheritance: Firewall-Specific Authentication Privilege
• 4-29 Using a Constraining Application Privilege
• 5-1 Structure of a Data Security Policy
• 5-2 Components of a Data Realm Constraint
• 5-3 Column with an Additional Application Privilege That Has Been Applied
• 5-4 Checking Authorized Data and Masking NULL Values
• 5-5 Using XS_DATA_SECURITY.APPLY_OBJECT_POLICY
• 5-6 A Master Detail Data Realm
• 5-7 How a BEQUEATH CURRENT_USER View Works
• 5-8 How a BEQUEATH DEFINER View Works
• 5-9 Creating the Database User
• 5-10 Creating the DB_EMP Database User
• 5-11 Creating the Application Role EMP_ROLE for Common Employees
• 5-12 Creating the Application Role IT_ROLE for the IT Department
• 5-13 Creating the Application Role HR_ROLE for the HR Department
• 5-14 Granting DB_EMP Database Role to Each Application Role
• 5-15 Creating Application User DAUSTIN
• 5-16 Creating Application User SMAVRIS
• 5-17 Creating the HRPRIVS Security Class
• 5-18 Creating ACLs: EMP_ACL, IT_ACL, and HR_ACL
• 5-19 Creating the EMPLOYEES_DS Data Security Policy
• 5-20 Applying the EMPLOYEES_DS Security Policy to the EMPLOYEES Table
• 5-21 Validating the Real Application Security Objects
• 5-22 Disabling a Data Security Policy for a Table
• 6-1 How to Get an Instance of the Session Manager in Java Using a Single Connection
• 6-2 How to Create a Real Application Security Session in Java
• 6-3 How to Attach a Real Application Security Session in Java
• 6-4 How to Attach Using a Cookie
• 6-5 How to Assign an Application User to a Session in Java
• 6-6 How to Switch an Application User in a Session in Java
• 6-7 How to Enable a Real Application Security Application Role in Java
• 6-8 How to Disable a Real Application Security Application Role in Java
• 6-9 How to Test If a Real Application Security Application Role Is Enabled in Java
• 6-10 How to Create a Namespace in Java
• 6-11 How to Delete a Namespace in Java
• 6-12 How to Implicitly Create the Namespace in Java
• 6-13 How to Create a Session Namespace Attribute in Java
• 6-14 How to Retrieve a Session Namespace Attribute in Java
• 6-15 How to List Attributes in Java
• 6-16 How to Reset an Attribute in Java
• 6-17 How to Delete an Attribute in Java
• 6-18 How to Get the Session ID for the Session in Java
• 6-19 How to Get the Secure Session Cookie in Java
• 6-20 How to Set the Secure Session Cookie in Java
• 6-21 How to Detach a Real Application Security Session in Java
• 6-22 How to Destroy a Real Application Security Session in Java
• 6-23 How to Authenticate Application Users in Java
• 6-24 How to Construct an ACL Identifier
• 6-25 How to get an ACL for a Specified Data Privilege
• 7-1 Creating a Real Application Security Session for External Users
• 7-2 Attaching a Real Application Security Session for External Users
• 7-3 How to Assign a Real Application Security Session to External Users
• 7-4 How to Save a Real Application Security External User Session
• 8-1 Granting the Code-Based Permission CredentialAccessPermission to the xsee.jar File
• 8-2 Application Session Filter Sample Configuration
• 8-3 Application Session APIs: AttachSession and DetachSession
• 8-4 Application Session APIs: DestroySession
• 8-5 Privilege Elevation API
• 8-6 Namespace APIs
• 8-7 CheckPrivilege API
• 8-8 Set Up the HR Demo Application for External Principals
• 8-9 A Complete Application Session Filter Sample Configuration
• 8-10 Sample Servlet Application MyHR.java
• 8-11 Filter to Set Up Application Namespace
• 8-12 User and Group to Application Roles Mapping
• B-1 Retrieving Return Codes from OCI for a Column Authorization
• B-2 Using the OCIDescribeAny Function to Enable an Explicit Describe
• B-3 Check Security Attributes and User Authorization