Skip Headers

Oracle® Database JDBC Developer's Guide and Reference
10g Release 1 (10.1)

Part Number B10979-01
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Feedback

Go to previous page
Previous
Go to next page
Next
View PDF

25 Proxy Authentication

This chapter contains the following sections:

Middle-Tier Authentication Through Proxy Connections

Middle-tier authentication allows one JDBC connection (session) to act as a proxy for other JDBC connections. An application may need proxy authentication for any of the following reasons:

There are three ways to create proxy sessions in the OCI driver. Roles can be associated with any of the following options:

The following code shows signatures of the getProxyConnection() method with information about the proxy type process:

/* 
   * For creating a proxy connection. All macros are defined 
   * in OracleOCIConnectionPool.java 
   * 
   * @param proxyType  Can be one of following types 
               PROXYTYPE_USER_NAME 
                        - This will be the normal mode of specifying the user
                          name in proxyUser as in Oracle8i 

               PROXYTYPE_DISTINGUISHED_NAME 
                        - This will specify the distinguished name of the user
                          in proxyUser 

              PROXYTYPE_CERTIFICATE 
                        - This will specify the proxy certificate 

     The Properties (ie prop) should be set as follows. 

     If PROXYTYPE_USER_NAME 
        PROXY_USER_NAME and/or PROXY_USER_PASSWORD depending 
           on how the connection-pool owner was authenticated 
           to act as proxy for this proxy user 
           PROXY_USER_NAME (String) = user to be proxied for 
           PROXY_PASSWORD (String) = password of the user to be proxied for 

    else if PROXYTYPE_DISTINGUISHED_NAME 
         PROXY_DISTINGUISHED_NAME (String) = (global) distinguished name of the user to be proxied for 
    else if PROXYTYPE_CERTIFICATE (byte[]) 
         PROXY_CERTIFICATE = certficate containing the encoded 
                                  distinguished name 



    PROXY_ROLES (String[])  Set of roles which this proxy connection can use. Roles can be null, and can be associated 
with any of the above proxy methods. 

   * 
   * @return   connection object 
   * 
   * Notes: The user and password used to create OracleOCIConnectionPool() 
   *        must be allowed to act as proxy for user 'us'. 
   */ 
   public synchronized OracleConnection getProxyConnection(String proxyType,
     Properties prop) 
     throws SQLException