Auditing an Oracle database for security issues is very important. provides all of the information and tools that you will need Click here for details of Limited's detailed Oracle database security audit service Click here for details of Limited's Oracle Security Training Courses
There are 44 visitors online    
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Pete Finnigan's Oracle security weblog

Home » Archives » November 2004 » Frank Nimphius talks about showing/hiding UIX components based on isUserInRole()

[Previous entry: "And there was more news..."] [Next entry: "OraDep - A tool for analysing dependencies"]

Frank Nimphius talks about showing/hiding UIX components based on isUserInRole()

November 21st, 2004 by Pete

I was surfing the other day and found a post on Frank Nimphius' web log. He writes about Oracle and also about security in J2EE with an Oracle slant. So I check out his site from time to time. I found this post entitled J2EE security: Dynamically show/hide UIX components based on an isUserInRole() J2EE security evaluation. This is an interesting post from Frank.

The post starts by referencing a new paper that he has recently written called "J2EE Security in Oracle ADF Web Applications". This is a 54 page paper and focuses on applying J2EE security to web applications built with the Oracle Application Developer Framework (Oracle ADF) and Apache struts. I have not read it yet, i will do tonight I hope but from skimming it after downloading it looks very interesting.

Franks blog entry is about how dynamically show / hide UIX components based on the users J2EE security role membership. Frank says that he shows how to do this in his paper for JavaServer pages using the struts request tag library. This is not possible for UIX pages. Frank goes on to explain how to do this with an example that uses Expression Language and an indirect way of accessing isUserInRole().

November 2004

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

Weblog Home
Weblog Archives

Oracle Security Tools page
Oracle security papers
Oracle Security alerts

Web Development
SQL Server Security

Atom 0.3 FEED
Powered by gm-rss 2.0.0

Valid XHTML 1.0!