O'Reilly logo

Oracle Security by Marlene Theriault, William Heney

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Oracle Application Server

Web products are usually implemented with a three-tier configuration if a database is involved. While this usually means three computers — a client PC, a middle-tier computer used to support the application code, and a back-end computer that houses the database, as we discussed in Chapter 8 — it does not have to. These are functional concepts, and two computers (or even one) can run with the three-tier model, although that is not common. A two-tier, client server configuration could be used. Most applications dealing with a database must maintain a constant connection. A web application, on the other hand, is stateless and can connect and disconnect from a database as needed to support the web site users’ requests. We’ll describe what we mean by the terms “constant” and “stateless” in the following section.

Constant-State Versus Stateless Connections

Oracle Corporation provides a product called the Oracle Application Server (OAS), which serves a broad spectrum of applications for web-based interaction. With each new version of the Oracle Application Server, new security features are introduced or current features are enhanced. Therefore, this section provides a very general overview of some basic security features available in the OAS version 3.0 product.

While you are dealing with a database from a web site, the actions of the application are remembered internally by the database. This allows you to either keep what you have done (commit) or undo your ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required