Call: +44 (0)7759 277220 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Security guru blasts Oracle's patching policies"] [Next entry: "A new Oracle security blog in English and German and some Oracle security videos"]

A new database security blog talks about propogating middle tier and application user identities

Slavik Markovich has a new database security blog called "Musings on Database Security". I have added this to my Oracle news / blogs aggregator as well. A new post by Slavik that promises to be a three part entry looks very interesting and aims to solve the issue of propogating users identities from applications and middle tier to the database layer. Slavik has given us some example Java code that uses the thin driver and that sets the client identifier and then he launches into an example that uses the newer end to end metrics Java API to set the module, action and client identifier. The PL/SQL built-in package DBMS_APPLICATION_INFO can also be used to set these same client identifiers of course. Slaviks post is titled "Propagating Middle-Tier and Application Users to the DBMS (Part 1 of 3)"