Security

Testing web applications SSO with Keycloak

Usually when you are developing a new feature or fixing an issue, you want to focus in your business logic. If your application delegates the authentication in some SSO system you usually mocks the response from this last one. However for integration tests, it is nice to be able to test your application against the full SSO cycle, specially if you have to use things like the SAML2 Web Profile.

Oracle VPD as a safeguard for DML

Virtual Private Databases (VPD) is an Enterprise Edition feature related to security. It restricts the scope of Data Manipulation Language to a subset of the table rows by transparently adding a where clause before executing them. It is also called Row-Level Security (RLS). Where the policy is enabled, it is like having the selected DML (SELECT, INSERT, UPDATE, DELETE) operate on a transcient view. And the predicates for this view can be dynamic and even query tables that the user cannot see.

Unified auditing performance

In my previous blog post (http://db-blog.web.cern.ch/blog/szymon-skorupinski/2014-05-migrating-oracle-database-12c-what-do-auditing) I provided you with number of reasons why unified auditing looks very promising and should be seriously considered while migrating to 12c. Nonetheless, I was not talking at all about performance – which also seems to be greatly improved.