Test Application User Access
To test our security, we need to try things that we believe should not work (because of our security measures) as well as the things that we permitted to succeed. To do this, you will need to connect to Oracle as appusr user:
CONNECT appusr;
Note You can find a script of the following commands in the file named Chapter2/AppUsr.sql.
The next three commands, we believe, will fail because the appusr user has not been directly granted access to anything in the HR schema. He only has his default roles, which also do not have access. We should see an error message that those tables or views don't exist.
SELECT * FROM ...Get Expert Oracle and Java Security: Programming Secure Oracle Database Applications with Java now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
