1123 Java Security In Oracle 8.1.5, security is provided only through the use of database roles. In Oracle 8.1.6, JServer security is based on Java 2 security, which allows developers to assign privileges on a class-by-class basis. The Java-related roles in 8.1.5 still exist in 8.1.6 for backward compatibility; however, Oracle recommends that you specify each permis- sion explicitly, rather than use the roles. In 8.1.5 the initjvm.sql script creates two roles named JAVAUSERPRIV and JAVASYSPRIV. The privileges for each role are described here. JAVAUSERPRIV privileges: • Open a TCP/IP socket • Read or write from a file using UTL_FILE_DIR JAVASYSPRIV privileges: • Includes all the privileges associated with JAVAUSERPRIV • Create a subprocess • Listen on a specific network port • Set the socket factory • Set the stream handler • Read or write from any file In Java 2 security, you create security policies or permissions for each specific class. Within Oracle8i, you specify the policy through the DBMS_JAVA package, and the security policy is stored within the policy table. This is a new table within the database that exclusively manages Java 2 security permissions. You can grant or revoke permis- sions dynamically by using PL/SQL through DBMS_JAVA procedures, or by using Java through the class ORACLE.AURORA.RDBMS.SECURITY.POLICYTABLEMANAGER. The following two views have been added in Oracle 8.1.6 to view the policy table. Both views contain information about granted and restricted permissions. DBA_JAVA_POLICY Allows you to see all rows within the policy table. USER_JAVA_POLICY Only allows you to see permissions relevant to the current user. NOTE Refer to the Java Developer’s Guide for more information on Java security. JAVA SECURITY Oracle8i Distributed Database PART IV Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. CHAPTER 27 • ORACLE8i AND THE INTERNET 1124 Additional Internet Features Before we end our discussion, it’s worth mentioning few words about Oracle iFS and XML. Oracle Internet File System (iFS) To extend use of Oracle8i as a file system, iFS is an application written in Java that permits users to access database data as though it were stored in files on a disk. Oracle’s Internet File System, or iFS, is an extension to the Oracle8i database. Oracle iFS provides a union of the relational database and the traditional file system; it provides the relia- bility, availability, and scalability of Oracle8i with the look and feel of a standard file system. From the user’s perspective, iFS appears to be standard file system on the network, whether the user accesses the contents through Windows Explorer, a web browser, an FTP client, or some other file system browser. Relational data or hybrid documents of relational and nonrelational data can appear as files. Oracle iFS also supports text searches and queries of those files and data stored in iFS. For the developer, iFS is the single data store for a variety of applications. For the administrator, iFS provides a single point of administration for both file systems and messaging. Oracle iFS is bundled with the database CD pack and is available for free to anyone with an Oracle database license. XML SQL Utility (XSU) The XML SQL Utility (XSU) can generate XML from the results of SQL and JDBC queries. The XML output can be produced as text or as trees of objects conforming to the DOM standard. The XSU can also produce the associated DOM, DTD, or RESULT- SET object of a query. The XSU can be used to insert, update, and delete XML data in database tables and preserve the structure of XML documents when they are saved to the database. Copyright ©2002 SYBEX, Inc., Alameda, CA www.sybex.com Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark.