tailieunhanh - Applied Oracle Security: Developing Secure Database and Middleware Environments- P59

Applied Oracle Security: Developing Secure Database and Middleware Environments- P59:Computer security is a field of study that continues to undergo significant changes at an extremely fast pace. As a result of research combined with increases in computing capacity, computer security has reached what many consider to be “early adulthood.” From advances in encryption and encryption devices to identity management and enterprise auditing, the computer security field is as vast and complex as it is sophisticated and powerful | 554 Part IV Applied Security for Oracle APEX and Oracle Business Intelligence are returned. The other important thing to notice in this package is the VPD tagging function called VPD_TAG r CREATE OR REPLACE PACKAGE AS FUNCTION vpd_whereclause schema_name IN VARCHAR2 object_name IN VARCHAR2 RETURN VARCHAR2 FUNCTION vpd_tag v_channel_manager IN VARCHAR2 RETURN VARCHAR2 END CREATE OR REPLACE PACKAGE body AS FUNCTION vpd_whereclause schema_name IN VARCHAR2 object_name IN VARCHAR2 RETURN VARCHAR2 AS v_whereclause VARCHAR2 2000 v_client_id VARCHAR2 30 BEGIN SELECT sys_context USERENV CLIENT_IDENTIFIER INTO v_client_id FROM dual IF v_client_id IS NOT NULL THEN v_whereclause channel_id in select channel_id from where upper upper v_client_id ELSE v_whereclause 1 0 END IF RETURN v_whereclause END FUNCTION vpd_tag v_channel_manager IN VARCHAR2 RETURN VARCHAR2 AS v_return VARCHAR2 2000 NULL Chapter 14 Securing Oracle BI Content and Data 555 BEGIN FOR r IN SELECT TO_CHAR channel_id channel_id FROM WHERE upper user_name upper v_channel_manager ORDER BY 1 LOOP v_return v_return END LOOP IF v_return IS NOT NULL THEN v_return SUBSTR v_return 1 LENGTH v_return -1 END IF RETURN v_return END END The tag on the Oracle BI cache entry will consist of the values of the security sensitive session variables for the user that issued the query. Figure 14-15 shows the definition of the session variable VPD_TAG notice that Security Sensitive is selected. The code to populate this session variable in the initialization block GET_VPD_TAG makes use of the VPD tagging function select USER from dual FIGURE 14-15 The security session variable VPD_TAG that will be used to tag cache entries 556 Part IV Applied Security for Oracle APEX and Oracle Business Intelligence For the user BICHANNEL1 the VPD_TAG session variable is set to