Re: [eclipselink-users] Create Oracle Authentication Proxy forEclipseLin

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [eclipselink-users] Create Oracle Authentication Proxy forEclipseLink JPA application

From: "Andrei Ilitchev" <andrei.ilitchev@xxxxxxxxxx>
Date: Thu, 17 Dec 2009 11:07:30 -0500
Delivered-to: eclipselink-users@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/eclipselink-users>
List-help: <mailto:eclipselink-users-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/eclipselink-users>, <mailto:eclipselink-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/eclipselink-users>, <mailto:eclipselink-users-request@eclipse.org?subject=unsubscribe>

Title: Create Oracle Authentication Proxy for EclipseLink JPA application

All settings seem to be correct.

To verify the user:

(String)em.createNativeQuery("SELECT SYS_CONTEXT ('USERENV', 'CURRENT_SCHEMA') FROM DUAL").getSingleResult();

that should return pu_user_1.

If the problem is not resolved please post the log with FINESTY log level.

----- Original Message -----

From: Kong, Deirdre Y.

To: eclipselink-users@xxxxxxxxxxx

Sent: Wednesday, December 09, 2009 7:37 PM

Subject: [eclipselink-users] Create Oracle Authentication Proxy forEclipseLink JPA application

Hi,

I am trying to create an Oracle authentication proxy for an EclipseLink JPA application to access Oracle Label Security database (VPD).

In this example, the normal application user is pu_user_1, the big application user is pu_pool_user. pu_pool_user is allowed to proxy for pu_user_1.

In my persistence.xml, I have the following properties set:

<properties>
<property name="eclipselink.jdbc.driver" value="oracle.jdbc.OracleDriver" />
<property name="eclipselink.jdbc.url" value="jdbc:oracle:thin:@localhost:1521:oracle" />
<property name="eclipselink.jdbc.user" value="pu_pool_user" />
<property name="eclipselink.jdbc.password" value="pu_pool_user" />
</properties>

In my codes, I have:

Map properties = new HashMap();
properties.put("eclipselink.jdbc.exclusive-connection.mode", "Isolated");
properties.put("eclipselink.cache.shared.Location", "false");
this.entityManagerFactory=Persistence.createEntityManagerFactory("test", properties);

Map emProperties = new HashMap();
emProperties.put("eclipselink.oracle.proxy-type", oracle.jdbc.OracleConnection.PROXY_USER_NAME);
emProperties.put(oracle.jdbc.OracleConnection.PROXY_USER_NAME, "pu_user_1");
this.entityManager=entityManagerFactory.createEntityManager(emProperties);

this.entityManager.getTransaction().begin();
this.entityManager.persist(location);
commitTransaction();

When I ran the program, it doesn't seem like pu_user_1 is writing to the database, that pu_pool_user is just acting as a proxy. It seems like pu_pool_user is writing to the database.

Are there anything that I am missing? What changes do I need to make to make sure that pu_pool_user is just acting as a proxy? When writing to the database, the security level of the inserted data is set to the security level of pu_user_1?

thanks

_______________________________________________
eclipselink-users mailing list
eclipselink-users@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/eclipselink-users

References:
- [eclipselink-users] Create Oracle Authentication Proxy for EclipseLink JPA application
  - From: Kong, Deirdre Y.

Prev by Date: Re: [eclipselink-users] [MOXy] collection of elements with different names
Next by Date: [eclipselink-users] EclipseLink 2.1 Documentation Proposal
Previous by thread: [eclipselink-users] Create Oracle Authentication Proxy for EclipseLink JPA application
Next by thread: [eclipselink-users] Eager Fetch
Index(es):
- Date
- Thread

Breadcrumbs